Blaster worm starts its spread


Windows worm starts its spread (English Version Only)

August 13, 2003

Communnilink has received many reports of this worm from the wild.

A new worm known as W32.Blaster.Worm (also known as MBlaster, W32/Lovsan.worm, MSBlast, W32.blaster.worm, Win32.posa.worm, Win32.poza.worm) has been identified that is seeking to exploit the vulnerability patched with Microsoft Security Bulletin MS03-026. Blaster is designed to launch a denial of service attack against Microsoft's Windows Update Web site.

Description
W32/Blaster-A is a worm that uses the internet to exploit the DCOM vulnerability in the RPC (Remote Procedure Call) service. The DCOM vulnerability was first reported by Microsoft in mid-July. This worm does not use email to spread.

Targeted computers include the following Microsoft operating systems:
Windows NT 4.0
Windows NT 4.0 Terminal Services Edition
Windows XP
Windows Server 2003

Prevention
Microsoft issued a patch for the vulnerability exploited by this worm on July 16, 2003. The patch is available from http://www.microaasoft.com/security/security_bulletins/ms03-026.asp.

"Blaster attempts to knock Microsoft's windowsupdate.com website off the internet," explained Graham Cluley, senior technology consultant for Sophos Anti-Virus. "By attempting a denial of service attack on the windowsupdate.com website, the virus author is deliberately trying to make it difficult for computer users to download the patch they need to secure their copies of Windows against the worm. It's an extremely devious trick by Blaster's author." --- Sophos

The Blaster worm does not spread via email, but does distribute itself via the internet looking for vulnerable computers that have not been patched against a security hole first reported by Microsoft in mid-July.

Auto Worm Cleaner:
http://www.trendmicro.com/download/tsc.asp

Technical Information:-
http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=15888




News Contact

Service Hotline: (852) 2998 0808
Fax: (852) 29977800
Email: service@communilink.net


最新消息
server maintenance, maintenance service ACRONIS Backup Solution, ACRONIS 備份方案, Virtual Private Server MyVPS ssd email, cloud email, Email Server Rental, Spam Controller, Global SMTP, Smart Email System, Catch SMTP, Offline Email Backup, Secondary MX Record 7x24 colocation, server colocation, colocation hk, hk datacenter, 伺服器託管, 托管伺服器, 香港數據中心 Malaysia Server, Singapore Server, USA Server, Taiwan Server, Japan Server, China Server dedicated server, Dell 伺服器租用, Dell Server Rental hosting, web hosting, hosting hk, cloud hosting, ssd hosting, SSD 網站寄存, Unix Hosting, Windows Hosting