Blaster Worm Exploits Microsoft Security Hole And Launches Attack On Update Website, Warns Sophos
Posted on 12 August 2003.
Sophos is warning computer users of a new worm spreading across the internet, which exploits a critical vulnerability in versions of Microsoft Windows. The W32/Blaster-A worm (also known as Lovsan, MSBlaster or Poza) - which has been infecting users across the world - also contains a mocking message for Microsoft's chairman Bill Gates, and attempts to launch a denial of service attack on a website run by Microsoft for the purpose of distributing important security patches.

"Blaster attempts to knock Microsoft's windowsupdate.com website off the internet," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "By attempting a denial of service attack on this website, the virus author is deliberately trying to make it difficult for computer users to download the patch they need to secure their copies of Windows against the worm. It's an extremely devious trick by Blaster's author."

The worm contains a message for Microsoft's Bill Gates, which does not get displayed:

I just want to say LOVE YOU SAN!! billy gates why do you make this possible ? Stop making money and fix your software!!

The Blaster worm does not spread via email, but does distribute itself via the internet looking for vulnerable computers that have not been patched against a security hole first reported by Microsoft in mid-July.

"Businesses should note that Blaster doesn't spread by email - so internet email scanning services will not be able to detect this worm, and an absence of reports at your email gateway does not mean you can rest on your laurels," continued Cluley. "Companies should deploy the patch from Microsoft, ensure their firewalls are set up correctly and update the anti-virus protection on their desktop and servers."

Sophos advises users of Apple Macintosh and Unix computers are not affected by the Microsoft security vulnerability, and are not at threat from the worm.

More information regarding the Blaster worm can be found at: http://www.sophos.com/virusinfo/analyses/w32blastera.html

More information regarding the critical vulnerability in Microsoft Windows can be found at:
http://www.microsoft.com/security/security_bulletins/ms03-026.asp





Spotlight

Hackers indicted for stealing Apache helicopter training software

Posted on 1 October 2014.  |  Members of a computer hacking ring have been charged with breaking into computer networks of prominent technology companies and the US Army and stealing more than $100 million in intellectual property and other proprietary data.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //