Recently, a worm, MSBlast, has been spreading on the web at a tremendous speed and infected more than 120,000 computers. The forums I frequent seem to have lots of discussion on this. Lots of finger-pointing are involved. The author of this worm addressed to Microsoft chairman in the worm: “billy gates why do you make this possible?” and continues with “Stop making money and fix your software!!”.
So it’s Microsoft’s fault? Not exactly too. This Windows vulnerability has been patched on July 16, 2003. It is listed as a critical update in the Windows Update web site. This worm works in a unconventional way, taking advantage of the Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) in Windows 2000, NT and XP. It uses File Transfer Protocol (FTP) to download itself to the victim’s computer. Those people who are infected apparently failed to patch the vulnerability that has been release about a month ago.
The worm also attempts to cause a denial-of-service attack on Microsoft’s WindowsUpdate.com, similar to the Code-Red worm that aims at WhiteHouse.gov. It causes Windows Update web site to be very slow, but has yet to bring the servers down.
To prevent this from happening, download the patch from Microsoft.
* Windows NT 4.0 Server
* Windows NT 4.0 Terminal Server Edition
* Windows 2000
* Windows XP 32-bit Edition
* Windows XP 64-bit Edition
* Windows Server 2003 32-bit Edition
* Windows Server 2003 64-bit Edition
For removal of this worm:
* Central Command
* F-Secure
* McAfee
* Symantec
* Trend Micro.
I advise you to visit the Windows Update site often or subscribe to Microsoft Windows’ mailing list to get updates on their software. This attack could easily be avoided. It is simply due to the public’s ignorance that cause more than 120,000 computers infected.
Possibly related:
Tags: errors, microsoft, software, technology