- Panda Software’s Virus Lab has detected the appearance of another worm/Trojan that also exploits the same Windows vulnerability
The Blaster worm continues to wreak havoc in users PCs, as borne out by the number of incidents recorded by Panda Software’s international tech support network, and it is still the virus most frequently detected by Panda ActiveScan, the free online scanner.
However, the epidemic currently being caused by Blaster could easily have been avoided. The vulnerability exploited was reported by Microsoft almost a month and half ago and was widely reported by the international media. The same advise was repeated time and again: to avoid problems, simply apply the Microsoft patch.
Seemingly this advise fell on deaf ears, judging by the number of computers affected by Blaster. The situation also highlights the general lack of security awareness among home users, who have been affected more than any other user group Users with personal firewalls installed have escaped the effects of the worm, as port 135, used by Blaster to enter computers, is protected by these kinds of programs.
Likewise, the high number of incidents still being caused by Blaster is also largely a result of the failure by users to keep the antivirus software in their PCs completely up-to-date.
Similarly, the RPC DCOM vulnerability continues to cause problems, as Panda Software’s Virus Laboratory has detected the appearance of a new worm/Trojan called W32/RPCSdbot which exploits the Windows vulnerability to take control of the infected computer and spread via e-mail.
However, protecting against Blaster, W32/RPCSdbot and other viruses that could emerge in the near future can be simple, provided users take a few basic precautions:
- Find out about and apply patches to correct vulnerabilities detected in the software installed on your PC. Vendors websites will normally have this sort of information and the downloads. Similarly, e-bulletin services, such as Panda Software’s Oxygen3 24h-365d free newsletter, provide the latest information on these security issues.
- Keep your antivirus updated. The simplest way is to install solutions that update automatically when users connect to the Internet such as Panda Antivirus Titanium or Platinum 7.0.
- Install a personal firewall in your computer, with both broadband and modem connections, as just a few seconds is all it takes for a malicious code like Blaster to infect your PC. Solutions like Panda Antivirus Platinum 7.0 actually include a personal firewall.
Finally, Panda Software advises all users who haven’t done so already to update their antivirus solution. The company has already released the updates to detect Blaster and W32/RPCSDbot, so if your software is not configured to do so automatically, you can update your antivirus from http://www.pandasoftware.com
Panda Software has also released the PQREMOVE application designed specifically to clean and repair systems affected by Blaster. This utility can be downloaded from http://www.pandasoftware.com/downloads/utililities/
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.