Microsoft Security UpdateSecurity patch to prevent Blaster Worm virus | |
Download |
Microsoft Security Update Ranking & Summary
Advertisement
- License:
- Update
- Price:
- Free
- Publisher Name:
- By Microsoft
- Publisher web site:
- http://www.microsoft.com/
- Operating Systems:
- Windows 2003, Windows 2000, Windows 98, Windows, Windows XP
- Additional Requirements:
- Windows XP, Windows 2000, Windows Server 2003, Windows NT 4.0, NT 4.0 Terminal Services Edition
- File Size:
- info
- Total Downloads:
- 5055
Microsoft Security Update Tags
Microsoft Security Update Description
The Microsoft Product Support Services Security Team is issuing this alert to inform customers about a new worm named W32.Blaster.Worm which is spreading in the wild. This virus is also known as: W32/Lovsan.worm (McAfee), WORM_MSBLAST.A (Trendmicro), Win32.Posa.Worm (Computer Associates). Best practices, such as applying security patch MS03-026 should prevent infection from this worm. This worm scans a random IP range to look for vulnerable systems on TCP port 135. The worm attempts to exploit the DCOM RPC vulnerability patched by MS03-026.Once the Exploit code is sent to a system, it downloads and executes the file MSBLAST.EXE from a remote system via TFTP. Once run, the worm creates the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "windows auto update" = msblast.exe I just want to say LOVE YOU SAN!! billSymptoms of the virus: Some customers may not notice any symptoms at all. A typical symptom is the system is rebooting every few minutes without user input. Customers may also see:Presence of unusual TFTP* filesPresence of the file msblast.exe in the WINDOWS SYSTEM32 directoryTo detect this virus, search for msblast.exe in the WINDOWS SYSTEM32 directory or download the latest anti-virus software signature from your anti-virus vendor and scan your machine.
Microsoft Security Update Related Software