Blaster worm starts its spread


Windows worm starts its spread (English Version Only)

August 13, 2003

Communnilink has received many reports of this worm from the wild.

A new worm known as W32.Blaster.Worm (also known as MBlaster, W32/Lovsan.worm, MSBlast, W32.blaster.worm, Win32.posa.worm, Win32.poza.worm) has been identified that is seeking to exploit the vulnerability patched with Microsoft Security Bulletin MS03-026. Blaster is designed to launch a denial of service attack against Microsoft's Windows Update Web site.

Description
W32/Blaster-A is a worm that uses the internet to exploit the DCOM vulnerability in the RPC (Remote Procedure Call) service. The DCOM vulnerability was first reported by Microsoft in mid-July. This worm does not use email to spread.

Targeted computers include the following Microsoft operating systems:
Windows NT 4.0
Windows NT 4.0 Terminal Services Edition
Windows XP
Windows Server 2003

Prevention
Microsoft issued a patch for the vulnerability exploited by this worm on July 16, 2003. The patch is available from http://www.microaasoft.com/security/security_bulletins/ms03-026.asp.

"Blaster attempts to knock Microsoft's windowsupdate.com website off the internet," explained Graham Cluley, senior technology consultant for Sophos Anti-Virus. "By attempting a denial of service attack on the windowsupdate.com website, the virus author is deliberately trying to make it difficult for computer users to download the patch they need to secure their copies of Windows against the worm. It's an extremely devious trick by Blaster's author." --- Sophos

The Blaster worm does not spread via email, but does distribute itself via the internet looking for vulnerable computers that have not been patched against a security hole first reported by Microsoft in mid-July.

Auto Worm Cleaner:
http://www.trendmicro.com/download/tsc.asp

Technical Information:-
http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=15888




News Contact

Service Hotline: (852) 2998 0808
Fax: (852) 29977800
Email: service@communilink.net


最新消息
7x24 Malaysia Server, Singapore Server, USA Server, Taiwan Server, Japan Server, China Server ssd email, cloud email, Email Server Rental, Spam Controller, Global SMTP, Smart Email System, Catch SMTP, Offline Email Backup, Secondary MX Record server maintenance, maintenance service hosting, web hosting, hosting hk, cloud hosting, ssd hosting, SSD 網站寄存, Unix Hosting, Windows Hosting colocation, server colocation, colocation hk, hk datacenter, 伺服器託管, 托管伺服器, 香港數據中心 dedicated server, Dell 伺服器租用, Dell Server Rental ACRONIS Backup Solution, ACRONIS 備份方案, Virtual Private Server MyVPS