According to Finnish security firm F-Secure, the Dasher.B worm, after infiltrating Windows 2000 and Windows XP systems that have not installed the MS05-051 patch, will automatically download a rootkit capable of logging keystrokes (keylogger) from a remote server.
Just one day before the release of Dasher.B, on December 14, the Dasher.A worm, created from an exploit code that was released online two weeks prior, also emerged. However, the first version failed to advance due to programming errors and was hosted on a defunct server in China.
The two Dasher variants are not considered a major threat, but they indicate that malicious programmers continue to probe vulnerabilities in Windows systems.
At the end of November, Microsoft also acknowledged that the exploit code for the MSDTC vulnerability in MS05-051 had begun circulating online, but asserted that hackers could not gain remote control of the systems.
