Computer worms are programs that reproduce, execute independently, and travel across network connections. The key difference between a virus and a worm is the manner in which each reproduces and spreads. A virus depends on a host file or boot sector, and on the transfer of files between computers, to spread, whereas a computer worm can execute completely independently and spread of its own accord through network connections.
The security threat from worms is equivalent to that of viruses. Computer worms are capable of doing serious damage, such as destroying crucial files in a system, slowing a system down to a large degree, or even causing some critical programs to stop working. Two very prominent examples of worms are the MS-Blaster and Sasser worms.
Computer Worm Examples
Robert Morris unleashed the original computer worm (perhaps accidentally) on the Internet in 1988. The Internet Worm used sendmail, fingerd, and rsh/rexec to spread itself across the Internet.
The SQL Slammer Worm, which appeared in 2003, used a vulnerability in Microsoft SQL Server 2000 to spread itself across the Internet. The Blaster Worm, which also appeared in 2003, used a vulnerability in Microsoft DCOM RPC to spread itself.
The Melissa worm, which appeared in 1999, the Sobig worms, which appeared in 2003, and the Mydoom worm, which appeared in 2004, all spread through e-mail. These worms shared some Trojan Horse features in that they spread by tempting a user to open an infected e-mail attachment.
Protect yourself against Computer Worms
Computer worms that spread through vulnerabilities in network services, like SQL Slammer and Blaster, are best defended against by keeping anti-virus software up to date and installing the patches that operating system and application vendors provide.
Computer worms that spread like Trojan Horses are best defended against by not opening attachments in e-mails. These infected attachments are not limited to .EXE files. Microsoft Word and Excel files can contain macros that spread infection.
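As an added illustration that is not part of the original article, the following Python example shows how a mail filter could flag the attachment types described above by inspecting file content instead of trusting the file name. The function names, the sample message and its file names are constructed for this example, and the attachment bodies are harmless placeholders.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls container signature

def classify(data):
    """Return a reason to quarantine the attachment, or None. Content is
    checked because the file name is chosen by the sender."""
    if data[:2] == b"MZ":
        return "Windows executable (MZ header)"
    if data[:8] == OLE_MAGIC:
        return "legacy Office binary format (can carry macros)"
    if data[:4] == b"PK\x03\x04":  # ZIP container: .docx/.xlsx/.docm/.xlsm
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                if any(n.lower().endswith("vbaproject.bin") for n in z.namelist()):
                    return "Office document with VBA macro project"
        except zipfile.BadZipFile:
            return "malformed ZIP container"
    return None

def scan_message(raw):
    # Parse a raw RFC 5322 message and list (file name, reason) per flagged attachment.
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        reason = classify(part.get_payload(decode=True) or b"")
        if reason:
            findings.append((part.get_filename(), reason))
    return findings

def _zip(names):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for n in names:
            z.writestr(n, b"constructed placeholder")
    return buf.getvalue()

def build_sample():
    """Constructed test message; every attachment body is a harmless placeholder."""
    msg = EmailMessage()
    msg.set_content("see attached")
    for name, data in [
        ("report.docx", _zip(["word/document.xml"])),
        ("budget.xlsm", _zip(["xl/workbook.xml", "xl/vbaProject.bin"])),
        ("photo.jpg.exe", b"MZ" + bytes(62)),
        ("old.doc", OLE_MAGIC + bytes(504)),
    ]:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

Calling scan_message(build_sample()) flags the macro-enabled spreadsheet, the disguised executable and the legacy .doc file, and passes the macro-free .docx.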