Panda Software Alerts on New Worm W32/Blaster
Posted on 12.08.2003
- It has been created to exploit the new vulnerability discovered in several versions of Microsoft Windows
- Panda Software has started receiving incidents caused by this malicious code

Panda Software's Virus Laboratory has reported the appearance of a new worm called W32/Blaster, which exploits a vulnerability recently discovered in Windows.

Blaster does not spread through the usual means, it scans the internet for computers that are vulnerable to its attack. Once found, it tries to enter the system through the port 135 to create a buffer overflow. One indication of infection is unusual activity on this port. This will show up in reports from your Firewall if you have one running.

Once installed in a machine, Blaster scans random IP ranges, with the aim of finding more PCs to infect. In addition, it creates a file in the system called msblast.exe, which contains the code of the worm. It creates a registry key to ensure it is started when the operating system is restarted.

However, the purpose of this malicious code, is to infect as many computers as possible to carry out a Denial of Service Attack against the web site www.windowsupdate.com which has been coded in this worm to take place on August 15th.

This Windows vulnerability, which Microsoft has classified "critical", affects systems with Windows NT, 2000, XP, and Server 2003. This security hole could allow hackers to gain remote control of affected computers. For this reason and in order to avoid falling victim to an attack, Panda Software advises network administrators, IT managers and home users to immediately install the patches released by Microsoft to fix this vulnerability. These are available at http://www.microsoft.com where you can also find detailed information about this flaw.





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Aug 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //