Bill Williams (IT): Support Site
[home]
|
[profile]
|
[register]
|
[help]
|
[Contact Us]
Revise: Blaster (aka Love San) Virus Worm
Note: You must be registered in order to post a Topic or Comment.
To register,
click here
.
Note: Only the poster of this message, and the moderator can edit the message.
Your UserName:
Your Passkey:
Forgot your passkey?
[Click Here]
Subject:
Byline:
for Staff use.
Body Text:
For a guide to
embellishing
the text,
click
here
If you get symptoms like these: [quote] After it has been running a few minutes, an error message appears telling me that "Shutdown has been initiated under the authority of NT ADMINISTRATOR/SYSTEM because the Remote Procedure Call (RPC) service was unexpected terminated. [/quote] Or SVCHOST error messages, you have been infected by the latest virus worm. See the following links for more details & cures. http://www.sophos.com/virusinfo/analyses/w32blastera.html [a]http://www.sophos.com/virusinfo/analyses/w32blastera.html[/a] http://www.visualante.org/msblast/ [a]http://www.visualante.org/msblast/[/a] http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp [a]http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp[/a] Microsoft have now issued a special bulletin about this virus/worm. See http://www.microsoft.com/security/incident/blast.asp [[a]http://www.microsoft.com/security/incident/blast.asp[/a]] It even contains advice for home users. Remember: Anti-virus programs are not magic bullets. Anti virus data distributed by Anti-Virus software supliers ALWAYS lags the virus as the AV software firm has to notice the problem, get samples, analyse them, decide on signature strings add to the AV data, put it where users can get it and then wait for the users to collect the data Most users don't remember to collect the updated data at all. Others don't do it frequently enough. The Blaster worm multiplied extremely quickly from wherever & whenever it was launched. It had infected many many machines within hours, so there was no way that the AV software could have stopped it; it would require that every user tried to download AV data every hour every day, which would overload the AV vendor's servers. However if you look through the links above you see that the Microsoft patch to prevent this exoploit was issued nearly a month ago: July 16, 2003. As I think I've said here before, the probability of Microsoft cocking up an security update patch, is now less than the probability of being hit by a virus, so it is now best for all Window XP or Windows 2000 users to set their systems to use Windows Update to automatically download and install critical security updates. Bill.
Check here to include your profile signature.
Check here Remember Details.
Go to Home Page