Prolific worm infects 3.5m Windows PCs

:o

This is exactly what happened to thousands of computers at Swedish hospitals, just days ago. They’re trying to restore it all, as we speak. Very serious IMO - causing issues with x-ray machines and other stuff.

They were “protected” by F-Secure.

D’oh, F-Secure.
F-Secure didn’t protect me from the x.exe virus from a flash drive.

Hospitals need hardware firewalls and Linux software.

I think they need vaccine (prevention) before medicine (detection & cure). Unfortunately, some of the machines at the hospitals I refer to, still use Windows 98. I’ve emailed them about CIS though, maybe they can consider it for XP machines (and maybe Vista if they have any 88)).

My guesstm is that the hospitals do have hardware firewalls, which won’t stop this problem in any event.

The real issues appear to be:

  • failure of the hospitals to properly update and secure their computers, and
  • exposure of critical systems to the public Internet,

which have nothing to do with the choice of operating system.

John

Is there any reason whatsoever that an X-ray machine should be connected to the Internet? I bet it didn’t even have a firewall. I fucking hate how the Swedish government deals with security. You can’t expect a doctor to know how to handle the computer, you need to hook them up, or someone has to, giving them a locked down user, with all security settings locked in a strict manner.

Someone did break into a Swedish hospital database too, about 2 years ago I think, and that fellow did download some stuff from it; that’s how well they protect the info they are supposed to handle.

I don’t think it’s only about updating.

They need to LOCK IT DOWN properly and maybe hire one or two guys who check the system now and then or full time.

Maybe, but the range of available security programs does.

I’ve got a question about this worm. I remember back when the Sasser worm was terrorizing ppl, a friend of mine simply logged online and somehow the worm infected his PC. Is this new worm like that? Or is it one of those that trick you into downloading some weird file that triggers it?

Like that. Unpatched machines without any software/hardware firewall inbound protection are likely to become infected when online.
It can also spread on LAN using network shares and use autorun.inf infection methods.

ref: Risk Detected

Only if they had CIS, it would have stopped it in its tracks!!!

https://forums.comodo.com/leak_testingattacksvulnerability_research/downadup_conficker_worm_versus_defence_plus-t33410.0.html;msg241581#msg241581

It gave a red alert and said it was a malware… I mean what more can u ask for???

Melih