Microsoft has warned admins to strengthen the passwords linked to a selection of common user names, after reports of a new internet worm spreading for the first time via the Remote Desktop Protocol.
The Morto worm targets Windows workstations and servers, and was first flagged by F-Secure chief research officer Mikko Hyppönen over the weekend.
"Windows has built-in support for this protocol via Windows Remote Desktop Connection. Once you enable a computer for remote use, you can use any other computer to access it," he explained.
"When you connect to another computer with this tool, you can remotely use the computer, just like you'd use a local computer."
Microsoft issued an update to its Malware Protection Centre on Monday claiming that Morto infection numbers are low but still present a threat.
The worm attempts to connect to a selection of hosts linked to common user names including 'admin', 'backup' and 'guest', according to Microsoft.
"It's important to remember that this malware does not exploit a vulnerability in Remote Desktop Protocol, but instead relies on weak passwords," the company said.
"If you haven't already, check if these user names are being used in your environment and change the associated passwords to ones that are strong.
"Even computers that have been cleaned of this threat can be easily reinfected if the passwords are not changed and the computer remains unprotected."
BT wants to make the public switched telephone network history within eight years
Personal data being purloined by third parties via Facebook Login API
MacOS and iOS are better off apart, says CEO Tim Cook
Or they'll no longer be entitled to updates and bug patches