A network service worm spreads by exploiting a vulnerability in a network service associated with an operating system or an application. Once a worm infects a system, it typically uses that system to scan for other systems running the targeted service and then attempts to infect those systems as well.
Because they act completely without human intervention, network service worms can typically propagate more quickly than other forms of malware. The rapid spread of worms and the intensive scanning they often perform to identify new targets may overwhelm networks and security systems (e.g., network intrusion detection systems), as well as infected systems. Examples of network service worms are Sasser and Witty.