W32.Blaster.worm

snoopdog
Yellow Tang
Posts: 4258
Joined: Mon Feb 17, 2003 7:37 pm
Are you a Bot ?: No
Location: Mobile, Al

W32.Blaster.worm

Post by snoopdog »

Considering the fact that this sucker infected my laptop from a remote source and the number of machines that came into the office today, this is one mean sucker. There was a lot of talk of it yesterday as IT and Admin work a lot of overtime handling the support calls. Anyway, here is a fix for it and a description.
Based on the number of submissions received from customers and based on information from Symantec's DeepSight Threat Management System, Symantec Security Response has upgraded this threat to a Category 4 from a Category 3 threat.

W32.Blaster.Worm is a worm that exploits the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. This worm attempts to download and run the Msblast.exe file.

Block access to TCP port 4444 at the firewall level, and then block the following ports, if they do not use the applications listed:


TCP Port 135, "DCOM RPC"
UDP Port 69, "TFTP"

The worm also attempts to perform a Denial of Service (DoS) on Windows Update. This is an attempt to prevent you from applying a patch on your computer against the DCOM RPC vulnerability.

Click here for more information on the vulnerability that this worm exploits, and to find out which Symantec products can help mitigate risks from this vulnerability.

NOTE: This threat will be detected by virus definitions having:
Defs Version: 50811s
Sequence Number: 24254
Extended Version: 8/11/2003, rev. 19
http://securityresponse.symantec.com/av ... .tool.html
"When they was no meat we ate fowl, when there was no fowl we ate crawdad. And when there was no crawdad to be found, we ate sand."--Cellmate
"You ate what?"--H.I.
"We ate sand."--Cellmate
"You ate sand?"--H.I.
"That's right."--Cellmate
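
Added example, not part of the original thread or of Symantec's text: a small log check that lists which internal machines had allowed traffic on all three ports named in the post above (TCP 135, TCP 4444, UDP 69), so you know which ones to inspect first. The log layout, the `INTERNAL` range and the function names are assumptions, and the sample lines are constructed.

```python
import ipaddress
from collections import defaultdict

# Ports named in the advisory text quoted in the post above.
WATCHED = {("TCP", 135): "DCOM RPC", ("TCP", 4444): "TCP 4444", ("UDP", 69): "TFTP"}
# Assumption: the office LAN range; change it to match your network.
INTERNAL = ipaddress.ip_network("10.0.0.0/8")

# Constructed sample lines (not real traffic), in an assumed field order:
# date time action proto src-ip dst-ip src-port dst-port
SAMPLE_LOG = """\
2003-08-12 09:01:02 ALLOW TCP 10.1.1.7 10.1.1.23 3012 135
2003-08-12 09:01:03 ALLOW TCP 10.1.1.7 10.1.1.23 3013 4444
2003-08-12 09:01:04 ALLOW UDP 10.1.1.23 10.1.1.7 1029 69
2003-08-12 09:02:10 ALLOW TCP 10.1.1.40 10.1.1.5 3400 135
2003-08-12 09:02:11 DROP TCP 192.0.2.9 10.1.1.40 2100 4444
2003-08-12 09:03:00 ALLOW TCP 10.1.1.40 198.51.100.8 3500 80
this line is malformed
"""

def parse(line):
    """Return (action, proto, src, dst, dport), or None if the line does not parse."""
    parts = line.split()
    if len(parts) != 8:
        return None
    try:
        return (parts[2], parts[3].upper(), ipaddress.ip_address(parts[4]),
                ipaddress.ip_address(parts[5]), int(parts[7]))
    except ValueError:
        return None

def watched_port_hits(log_text):
    """Map each internal host to the watched services seen in its allowed traffic."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or rec[0] != "ALLOW":
            continue  # skip junk lines and traffic the firewall already dropped
        _, proto, src, dst, dport = rec
        label = WATCHED.get((proto, dport))
        for host in (src, dst):
            if label and host in INTERNAL:
                hits[str(host)].add(label)
    return dict(hits)

def hosts_to_inspect(log_text):
    """Internal hosts whose allowed traffic touched all three watched ports."""
    return sorted(h for h, seen in watched_port_hits(log_text).items()
                  if len(seen) == len(WATCHED))
```

Both ends of a matching conversation are listed, since either machine may need cleaning and patching.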
Scott
Goby
Posts: 2495
Joined: Wed Feb 19, 2003 9:00 pm
Are you a Bot ?: No
Location: West Mobile

Post by Scott »

How about a little of that in English? How do you know if you have it?
Wanted: to set up a tank again.
snoopdog
Yellow Tang
Posts: 4258
Joined: Mon Feb 17, 2003 7:37 pm
Are you a Bot ?: No
Location: Mobile, Al

Post by snoopdog »

Your computer will just "reboot" constantly. It normally happens if you are on a static connection like DSL or cable, but could happen on dial-up. Also predominant with 2000 or Win XP.
ShagMan
Goby
Posts: 2145
Joined: Fri Feb 21, 2003 3:41 pm
Location: Mobile, AL

Post by ShagMan »

We had to reload our laptop due to this bugger yesterday. It would kill the RPC service, causing a forced reboot. Had to burn our stuff to CDs in safe mode and then reformat/reinstall. Nasty.
-Josh Murrah
SaltnLime
Chromis
Posts: 1514
Joined: Tue Mar 04, 2003 10:49 pm
Location: Mobile

Post by SaltnLime »

Does Norton recognize that bug yet?
"Well......maybe I did get a little carried away!"
snoopdog
Yellow Tang
Posts: 4258
Joined: Mon Feb 17, 2003 7:37 pm
Are you a Bot ?: No
Location: Mobile, Al

Post by snoopdog »

It is listed as a known threat, so as long as you are updated, then yes.
Melissakins
Bristleworm
Posts: 610
Joined: Tue Mar 11, 2003 1:44 pm
Location: Bay Minette

Post by Melissakins »

Here's something you might try:

Windows 2000 Patch:
http://microsoft.com/downloads/details. ... laylang=en

Windows XP Patch:
http://microsoft.com/downloads/details. ... laylang=en

Or run a Windows update: Start button, Windows Update, etc...
"You can say any fool thing to a dog, and the dog will give you this look that says, `My God, you're RIGHT! I NEVER would've thought of that!'" - Dave Barry

40 gallon tall
15 gallon refugium
2.5 gallon mantis tank