The vulnerability is caused by a flaw in the Windows operating system which allows hackers to exploit the "plug and play" capability of the Windows system. The vulnerability can be exploited by an infected machine creating a denial of service (DOS) attack on other vulnerable machines.
By leveraging a chat channel, the initiating hacker gains access to a host machine, leveraging it to attack other networked machines.
To learn more about the Zotob and IRCbot worms visit the IMlogic IM and P2P Threat Center.
Initially rated a low risk by most security industry threat centers, the rapid propagation of the Zotob and IRCbot worms motivated most providers to increase the risk level.
The worm appears to lay quiet on an infected machine until prompted into action by the hacker. The messaging channel opened up by the worm appears to await direction prior to disrupting system activity or propagating itself on the network.