NEWSFLASH: This Is Not A Drill - Blaster Worm Link

Wednesday, 13 August 2003, 11:39 am
Article: Alastair Thompson

If computer virus's are like earthquakes… then this one is of a new variety that has the potential to flatten several city blocks. Window's NT, 2000 and XP user's (And - yes that means you at home as well as at work.... )have till Saturday to either become part of the solution or, if unprotected, become part of what looks certain to become a very big problem, very fast.

PHONE NO. AND LINKS FOR MICROSOFT SECURITY THREAT: UPDATED JUN 13TH

Consider:

This is NOT AN EMAIL VIRUS

To this writers knowledge this is the first non-email based attack on an domestic TCP/IP address.

This virus will infect your computer as you connect to the internet if you do not have protection.

You do not have to do anything and you will not necessarily even notice anything when you are infected.

FOR THE AVOIDANCE OF DOUBT: YOU DO NOT EVEN HAVE TO OPEN AN EMAIL… to get infected.

Already thousands if not millions of computers are infected and they are infecting others. The likelihood that your computer will become infected if it is not protected is relatively high.

***********

The PAYLOAD IS MALICIOUS AND POTENT

On August 16 (NZT) August 15th (UST) the Blaster Worm is expected to take over thousands of computers and start a DOS (Denial of Service) attack of Windows Update services. Flooding it with traffic and making it inaccessible. Scoop attempts over the last 24 hours to contact this service have already been interrupted. Some ISPs may be intentionally putting into place their own protections.

This virus is designed to disable the existing automatic security update service run by Microsoft at the very time it is most needed.

Meanwhile it is probable that Blaster Worm variants will appear momentarily if they haven't already.

***********

The virus opens a NEWLY DISCOVERED SECURITY HOLE – DISCOVERED JULY 18TH…

"Two serious new security Vulnerabilities were announced yesterday affecting both the Microsoft Windows operating system and Cisco routing equipment. Due to the severity of these Vulnerabilities and the importance of installing these security patches, Symantec has raised its DeepSight ThreatCon level from 1 to 2.

Microsoft Windows MSRPC Buffer Overflow Vulnerability A new security vulnerability affecting the core part of the Microsoft Windows operating system was announced. It is a significant vulnerability because it does not require any prior authentication for an attacker to exploit it. An attacker with the ability to exploit this vulnerability only requires the ability to connect to port TCP/135 on a vulnerable system. Once exploited, the attacker will have full access to the targeted system."

- Symantec Security Response - Cisco & Microsoft Vulnerabilities
http://www.scoop.co.nz/mason/stories/SC0307/S00086.htm

(Scoop will provide links to ongoing coverage of this issue on this page...)

Previous Related Stories...

Symantec: W32.Blaster.Worm - Upgraded To Level 4
Windows Users, Apply Security Patch Immediately
Symantec Security Response - New Worm - Level 3
Microsoft To Windows Users: Apply Security Patch
Symantec Security Response - Cisco & Microsoft Vulnerabilities

ENDS

© Scoop Media

Alastair Thompson

Scoop Publisher

Alastair Thompson is the co-founder of Scoop. He is of Scottish and Irish extraction and from Wellington, New Zealand. Alastair has 24 years experience in the media, at the Dominion, National Business Review, North & South magazine, Straight Furrow newspaper and online since 1997. He is the winner of several journalism awards for business and investigative work.

Contact Alastair Thompson

• Linkedin
• Twitter - @althecat
• Facebook
• Email - alastair@scoop.co.nz