A decision by Google Inc. to block certain search queries has helped thwart the spread of the Santy worm, but the public release of the worm's source code could lead to new attacks, security experts warned on Wednesday. Google began filtering the worm's queries late Tuesday night, effectively stopping the Santy propagation on vulnerable Web forums running the freely distributed phpBB software.
However, according to an advisory from Kaspersky Lab, the Google filtering is not enough to solve the problem. "The author can always release new versions that use other search engines—MSN or Yahoo, for instance," the anti-virus research firm said in the advisory."This opens the door for new variants to arise. However, I doubt that new variants will be very effective, unless search engines just keep on spitting out new, unpatched sites," Schouwenberg said.
News source: eWeek