Bill Williams (IT): Support Site
Bill Williams (IT): Support Site

adv19_123.gif
[home] | [profile] | [register] | [help] | [Contact Us]

[Sections]
[Virus Warnings]
       this page
Virus Warnings   [Tell someone about this]
By Blaster (aka Love San) Virus Worm
Bill Williams


Edit MessageUploaded - 15 Aug 2003 15:48

If you get symptoms like these:

quote:

After it has been running a few minutes, an error message appears telling
me that "Shutdown has been initiated under the authority of NT
ADMINISTRATOR/SYSTEM because the Remote Procedure Call (RPC) service was
unexpected terminated.

Or SVCHOST error messages, you have been infected by the latest virus worm.

See the following links for more details & cures.

http://www.sophos.com/virusinfo/analyses/w32blastera.html Link

http://www.visualante.org/msblast/ Link

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp Link


Microsoft have now issued a special bulletin about this virus/worm.

See http://www.microsoft.com/security/incident/blast.asp [Link]


It even contains advice for home users.

Remember: Anti-virus programs are not magic bullets.

Anti virus data distributed by Anti-Virus software supliers ALWAYS lags the virus as the AV software firm has to notice the problem, get samples, analyse them, decide on signature strings add to the AV data, put it where users can get it and then wait for the users to collect the data

Most users don't remember to collect the updated data at all. Others don't do it frequently enough.

The Blaster worm multiplied extremely quickly from wherever & whenever it was launched. It had infected many many machines within hours, so there was no way that the AV software could have stopped it; it would require that every user tried to download AV data every hour every day, which would overload the AV vendor's servers.

However if you look through the links above you see that the Microsoft patch to prevent this exoploit was issued nearly a month ago: July 16, 2003.

As I think I've said here before, the probability of Microsoft cocking up an security update patch, is now less than the probability of being hit by a virus, so it is now best for all Window XP or Windows 2000 users to set their systems to use Windows Update to automatically download and install critical security updates.


Bill.

Home Page.

Click to Add Comments.
	
	
	
	
	
	
	

Implemented by Bill Williams (IT)
based on ASP Forum.

4774
adv19_123.gif