cancel
Showing results for 
Search instead for 
Did you mean: 

Significant Virus Threat From w32.Blaster.worm

N/A

Significant Virus Threat From w32.Blaster.worm

Hi,
This is just to let you know of the latest mass mailling worm virus called
W32.Blaster.Worm (also known by various other titles depending on your anti-virus software vendor), spread is rapid, damage=medium, number of infected system is now high.

**This worm expliots a security hole in Windows2000 & WindowsXP it does this through DCOM & RPC

**Symantec have already written a removal tool which can be downloaded from the symantec website http://www.symantec.com or http://www.symantec.co.uk (free of charge)

**Also be aware that MS has released a security patch which should also be downloaded after the infected machine has been cleaned. i.e. your machine should be patched to prevent further infection.

(13/08/03 at 23:04pm)

Ivan
10 REPLIES
N/A

Re: Significant Virus Threat From w32.Blaster.worm

Quote
**This worm expliots a security hole in Windows2000 & WindowsXP it does this through DCOM & RPC


Is this the flip side, as it were, of the warning notices from Force9: eg Announcement: Repost: Important Security Notice and its subsequent update Announcement: Important Security Notice - Update?
N/A

Significant Virus Threat From w32.Blaster.worm

correct
N/A

Anyone running Windows2000 OS

Hi,
For anyone running a Windows 2000 (pro or home) please be aware that inorder to install the MS patch to protect your machine from further (future)
w32.blaster.worm infection you will have to have "Service Pack 2" installed before the patch can be correctly installed.

Steps are:-

a) install service pack 2 for windows 2000
b) install the MS patch for windows 2000 OS
c) download & run the symantec removal tool "Fixblast.exe"
d) reboot your system

*This process should leave you with a clean patched machine, hope this might be of some use?

Ivan
N/A

Re: Anyone running Windows2000 OS

Quote
For anyone running a Windows 2000 (pro or home) please be aware that inorder to install the MS patch to protect your machine from further (future)
w32.blaster.worm infection you will have to have "Service Pack 2" installed before the patch can be correctly installed.


Ivan: Your comment doesn't tally well (as I understand it, anyway!) with a comment on the MS Security Bulletin (expand the Frequently Asked Questions section):

Quote
Is the patch supported on Windows 2000 Service Pack 2?

This security patch will install on Windows 2000 Service Pack 2. However, Microsoft no longer supports this version, according to the Microsoft Support Lifecycle policy found at http://support.microsoft.com/lifecycle. In addition, this security patch has only received minimal testing on Windows 2000 Service Pack 2. Customers are strongly advised to upgrade to a supported service pack as soon as possible. Microsoft Product Support Services will support customers who have installed this patch on Windows 2000 Service Pack 2 if a problem results from installation of the patch.


Presumably, there's a Service Pack 3 (or even later?), which is evidently what MS expects people to be using if they are running Windows 2000.

As it happens, I have a friend who uses Windows 2000 at home (the "Pro" edition, as distinct from one of the server editions -- there is no "home" edition of that OS, is there?), and I believe he recently mentioned to me that he has rejected the service packs beyond SP2 because MS had introduced features which run counter to his interests; he was not prepared to accept the clauses in the licence agreement relating to them. So it matters that the security fix can be installed on a SP2 version of the OS if required, for I don't think he has any interest in an overpriced software upgrade for what is merely a point increment on the "NT" version of Windows (5.0 to 5.1).
N/A

Significant Virus Threat From w32.Blaster.worm

Task,

The latest service pack for Windows 2000 is SP4. I agree with your friend that Windows is overpriced software but what's the cost of upgrading to a more recent service pack? Would the changes in the licensing agreement mean that he needs to buy more licenses or something? I certainly didn't pay anything for any service packs and I don't intend to start now!

Quote
point increment on the "NT" version of Windows (5.0 to 5.1).


What did you mean by this? I know that Windows 2000 is NT5 (and XP is NT6) but what's NT5.1?

You're right that there's no "Home" version of Windows 2000, although M$ did seem to be pushing Windows ME as the "Home" equivalent before everyone worked out that ME was pants.

Jon.
N/A

Significant Virus Threat From w32.Blaster.worm

Quote
I know that Windows 2000 is NT5 (and XP is NT6) but what's NT5.1?


I understand Windows XP to be "NT" 5.1. If you have XP, run "winver" and see the evidence for yourself. XP is a point upgrade from Windows 2000, so it shouldn't cost £170 or whatever to upgrade. I recall reading in a UK PC magazine shortly after it came out that some person from MS (UK) justified that cost on the basis of XP having a proper 32-bit kernel, etc, etc -- all points relevant to people upgrading from "toy" Windows, but not to Windows 2000 users.

The unacceptable part of Service Pack 3 was not licencing costs but features installed in the OS which reduced his privacy. At least, that's the view he was putting forward to me (I haven't been following the ins-and-outs of Windows 2000 for at least 15 months, so it's not something I was bothered about confirming). It was because of this he has, as far as I am aware, refused to install it.

Thanks for the information about Service Pack 4, which I hadn't been aware of.
N/A

Significant Virus Threat From w32.Blaster.worm

Quote
I understand Windows XP to be "NT" 5.1. If you have XP, run "winver" and see the evidence for yourself.


Wow, that's news to me! Odd as well given that the version numbers are under Microsoft's control - they could have easily called it NT6.0 and justified it however they wanted.

Having come from a background of NT4.0 Workstation/Server and Windows 2000 Professional/Server I would have expected either Windows XP Server as the latest server product or Windows 2003 Professional as the latest desktop product given that they derive from the same kernel but there's no accounting for marketing lunacy when there's this much money at stake...


Jon.
N/A

Significant Virus Threat From w32.Blaster.worm

Hey, Bigjon: haven't you got "Professional" and "Server" round the wrong way in that last para?

It didn't surprise me that the difference between Windows 2000 and Windows XP was only ".1" -- think about the amount of time which expired between the launch of NT 4.0 and Windows 2000, and then between Windows 2000 and XP. Not long enough for massive changes.

It'd be interesting to see what is returned by "winver" on a Windows 2003 Server system!
N/A

The point I was trying to make?

Hi
The point I was trying to make before all this stuff about version numbers & service packs took off, was that if you have a windows 2000 pro machine with just service pack 1 installed and you attempt to install the required security patch to block the blaster worm then it wont work (wont install the patch) win2k asks you to install service pack 2 before you can do this fix thats all.

Ivan
N/A

Significant Virus Threat From w32.Blaster.worm

Quote
Hey, Bigjon: haven't you got "Professional" and "Server" round the wrong way in that last para?


Hmm, not sure but it was a pretty pointless para anyway Smiley

Quote
It'd be interesting to see what is returned by "winver" on a Windows 2003 Server system!


Well apparently 2003 server is 5.2 so if XP is 2000 with pretty colours and a firewall nobody uses then 2003 is XP with knobs on Wink