Topic: CNN hit by ancient worm

[Amker]

Breaking news: Slacking on security patches opens computers up to attack!

Turner Broadcasting System, a division of Time Warner and parent of news giant CNN, was hit by a malicious bot program on Thursday, CNNMoney.com reported.

The pest--dubbed Delbot or Rinbot by antivirus companies Sophos and Symantec, respectively--spreads through several holes in Microsoft code as well as a known flaw in Symantec's antivirus software.

When installed on a PC, Rinbot opens a back door in the system and connects to an Internet Relay Chat server to let the remote attacker control the compromised computer, according to a description on the Sophos Web site.

Turner apparently got hit because it had not yet updated the Symantec programs on its computers. A fix for the flaw has been available since May and security experts have repeatedly urged users to protect their computers by applying the update.

Rinbot is not the first malicious program to take advantage of the Symantec flaw. A variant of Spybot that exploited the same security hole surfaced in November. This was followed in December by another pest dubbed Sagevo, or Big Yellow. In January, Symantec said the Spybot attacks were persistent and reminded customers to patch.

CNN has been hit by a malicious code attack that exploits a known security flaw before. In 2005, it was hit by the Zotob worm that took advantage of a security hole in the plug-and-play feature in the Windows 2000 operating system. Microsoft had offered a fix for the bug a week earlier.

Rinbot is not a breaking news story, said Ken Dunham, director of the Rapid Response Team at iDefense, a part of VeriSign.

"This is yet one of thousands of bots crawling the Internet today. Some bots are more interesting than others, and some more sophisticated. There is no large global threat issue with Rinbot variants to date," he said.