"Blaster attempts to knock Microsoft's windowsupdate.com website off the internet," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "By attempting a denial of service attack on this website, the virus author is deliberately trying to make it difficult for computer users to download the patch they need to secure their copies of Windows against the worm. It's an extremely devious trick by Blaster's author."
The worm contains a message for Microsoft's Bill Gates, which does not get displayed:
I just want to say LOVE YOU SAN!! billy gates why do you make this possible ? Stop making money and fix your software!!
The Blaster worm does not spread via email, but does distribute itself via the internet looking for vulnerable computers that have not been patched against a security hole first reported by Microsoft in mid-July.
"Businesses should note that Blaster doesn't spread by email - so internet email scanning services will not be able to detect this worm, and an absence of reports at your email gateway does not mean you can rest on your laurels," continued Cluley. "Companies should deploy the patch from Microsoft, ensure their firewalls are set up correctly and update the anti-virus protection on their desktop and servers."
Sophos advises users of Apple Macintosh and Unix computers are not affected by the Microsoft security vulnerability, and are not at threat from the worm.
More information regarding the Blaster worm can be found at: http://www.sophos.com/virusinfo/analyses/w32blastera.html
More information regarding the critical vulnerability in Microsoft Windows can be found at:
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.