MEDINA, Ohio August 11, 2003 - Central Command, a leading provider of PC anti-virus software and services, today warns Internet users of Worm/Lovsan.A, an Internet worm circulating worldwide. Discovered on August 11, 2003, Worm/Lovsan.A, attempts to use the RPC Buffer Overrun vulnerability (a security hole) within un-patched Microsoft Windows NT, Windows 2000, Windows XP and Microsoft Windows server™ 2003 operating systems. This Internet worm does not affect Linux, Unix and Apple users.
Worm/Lovsan.A is an Internet worm that exploits known security vulnerability in Microsoft's Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface. This security breach allows someone with malicious intent to run code of his or her choice. TCP port directly affected by this exploit includes: 135.
Worm/Lovsan.A will download and run the file msblast.exe using the Trivial File Transfer Protocol (Tftp).
"Unfortunately, un-patched systems are again proving to be a vector for fast spreading Internet based worms. Updating antivirus software and patching systems against the latest exploits and vulnerabilities should become standard habit," said Steven Sundermeier, Vice President of Products and Services at Central Command, Inc. "A properly patched system would prevent someone with malicious intent from successfully gaining control over a compromised computer under the scope of this vulnerability."
A detailed analysis can be found at (www.centralcommand.com).
A patch has been available for since July 2003. More information about this vulnerability can be found in Microsoft Security Bulletin MS03-026.
Vexira Antivirus starts at $39.95, and a free 30-day trial version may be downloaded from here or obtained by contacting Central Command at +1-330 723-2062.
About Central Command: A leader in the anti-virus industry, Central Command, Inc., a privately held company, serves home PC users and industrial, financial, government, education, healthcare and service firms with virus protection software, services, and information. The company services customers in over 98 countries and is headquartered in Medina, Ohio. Visit Central Command online here or call 1-330-723-2062 for more information.
Central Command, EVRT, Vexira, and Emergency Virus Response Team are trademarks of Central Command, Inc. All other trademarks, trade names, and products referenced herein are property of their respective owners.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.