Blaster worm starts its spread
August 13, 2003
Communnilink has received many reports of this worm from the wild.
A new worm known as W32.Blaster.Worm (also known as MBlaster, W32/Lovsan.worm, MSBlast, W32.blaster.worm, Win32.posa.worm, Win32.poza.worm) has been identified that is seeking to exploit the vulnerability patched with Microsoft Security Bulletin MS03-026. Blaster is designed to launch a denial of service attack against Microsoft's Windows Update Web site.
Targeted computers include the following Microsoft operating systems:
"Blaster attempts to knock Microsoft's windowsupdate.com website off the internet," explained Graham Cluley, senior technology consultant for Sophos Anti-Virus. "By attempting a denial of service attack on the windowsupdate.com website, the virus author is deliberately trying to make it difficult for computer users to download the patch they need to secure their copies of Windows against the worm. It's an extremely devious trick by Blaster's author." --- Sophos
The Blaster worm does not spread via email, but does distribute itself via the internet looking for vulnerable computers that have not been patched against a security hole first reported by Microsoft in mid-July.
Auto Worm Cleaner:
Service Hotline: (852) 2998 0808