A new version of a malicious computer program known as Nimda is making its way through the world’s computer networks, computer security experts said yesterday.
Nimda.E, the latest version of the computer worm, has been detected on computer networks since Monday. The first version, Nimda.A, was spotted on the Internet on Sept. 18.
The New York Times experienced an interruption of Internet service on Tuesday and part of Wednesday that has been attributed to Nimda, said Catherine J. Mathis, a spokeswoman for the company. ”All of our operations have returned to normal,” she said.
The program is spread primarily through e-mail messages; when a machine on a network is infected, the program searches out and infects servers, the computers that run applications, and causes those machines to flood their own networks with packets of data. That, in turn, slows system performance greatly.
The program, which takes advantage of vulnerabilities in Microsoft’s operating system and server software, can also lay infected systems open to computer intruders.
Microsoft published software patches in September that users could download from the Internet to protect their systems from Nimda. Security experts estimate that Nimda.A infected as many as two million machines before users took measures to protect their computers. Security companies said that because of that earlier effort, the threat from the newly circulating version was not great.
”If you’re not already infected and if you have applied the patches, you’re O.K.,” said Craig Schmugar, a virus researcher at Network Associates, a computer security company based in Santa Clara, Calif. He added, however, that a single infected machine could cause significant disruption throughout a network of computers.
Representatives of the Computer Emergency Response Team, a federally-funded computer security organization at Carnegie Mellon University, said yesterday that they had not seen a significant surge in Nimda.E since it was first detected.