In addition, Sweeny said the U.S. Marshals Service maintenance contract was up-to-date, meaning the agency had paid for upgrades to the software but had failed to install them.

Problems with security on government networks are not new.

An updated Government Accountability Office report issued this week said agencies have made progress in implementing information security requirements but that significant weaknesses persist. The report found 23 of 24 major federal agencies had weaknesses in their agency-wide information security programs. Those agencies included the DOJ.

While the Neeris worm has been around since 2005, a new version was discovered just last month that used the same vulnerability targeted by Conficker. The new version spreads via the Windows "autorun" command.

A to close the critically-rated vulnerability that Neeris and Conficker exploit was issued in October by Microsoft.Still, security researchers this week that Conficker was still infecting 50,000 PCs per day.