Blaster II about to hit!

Sample code to exploit the problem described in security bulletin MS03-039 has been published on the net. That means a "Blaster II" worm is on the way. The patch for the original Blaster does NOT provide protection. If you haven't applied the subject patch, do it now!

If you want to make sure your patched or check your firewall to make sure you are patched visit http://www.grc.com and run the Shields Up test.

And as always, make sure firewalls are blocking outside ports 135-139 and 445.

**Thanks to the folks in the Windows XP News Group for the alert on this one.

Download the patch from HERE (http://support.microsoft.com/?kbid=824146)

SOURCE (http://www.winxpcentral.com/)

Originally posted by sharedholder@13 October 2003 - 18:43
The patch for the original Blaster does NOT provide protection. If you haven't applied the subject patch, do it now!
this statement is confusing - please clarify

also, ay caramba! where's that Microsoft rant thread...

ive had the updated patch for a few weeks now, i go to bink.nu! so im prepared for MS stuff early! :rolleyes:

Originally posted by DarthInsinuate+13 October 2003 - 18:48--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (DarthInsinuate @ 13 October 2003 - 18:48)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin-sharedholder@13 October 2003 - 18:43
The patch for the original Blaster does NOT provide protection. If you haven&#39;t applied the subject patch, do it now&#33;
this statement is confusing - please clarify

also, ay caramba&#33; where&#39;s that Microsoft rant thread... [/b][/quote]

The patch for the original Blaster does NOT provide protection

Is talking about the first Blaster.

Originally posted by DarthInsinuate+13 October 2003 - 18:48--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (DarthInsinuate &#064; 13 October 2003 - 18:48)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin-sharedholder@13 October 2003 - 18:43
The patch for the original Blaster does NOT provide protection. If you haven&#39;t applied the subject patch, do it now&#33;
this statement is confusing - please clarify

also, ay caramba&#33; where&#39;s that Microsoft rant thread... [/b][/quote]
makes perfect sense to me.

it means simply, that the orignal patch doesnt provide protection, so the new patch must be applied&#33;

Dam you sharedholder posting while i was typing&#33; :angry:

Dam you sharedholder posting while i was typing&#33;&nbsp;


BTW,what&#39;s hapenend with the new startpage :unsure:

about the new startpage, my sister seriously screwed up me pc&#33; ended up usin killdisk and messed up all my partitions, its sorted now lukily&#33; had quite a bit of homework today, got the last bits to finish off, so probaly tomorrow now, i just need some final links.

me loves my router it protects me from all this crap :P

/me is upto date with security patches as well just in case ;)

im behind a rounter so i guess im safe.

im also on windows ME, which was not affected by the blaster and this new worm, im gonna be getting xp on my new computer that should be comming in about 2 weeks

If you have Sygate Firewall:

Go here. How to protect against the Microsoft RPC vulnerability (http://forums.sygate.com/vb/showthread.php?postid=27914&highlight=block+port#post27914)

btw, I have to slip this funny one from MS usual security bulletins:
Summary
................Who should read this bulletin: Users running Microsoft ® Windows ® :lol: :lol:

:) Thanks Shared Holder&#33;&#33;&#33;&#33;&#33;

You Are a Legend in the forum&#33;&#33;&#33;&#33;&#33;&#33; :D

windows automatic update installed it for me anyway but thanks :)

norton protects from al? apart from downloaded trojans e.t.c. <--doen that before lol but i got rid b4 they noticed was off mess.be

Originally posted by stupidguy@14 October 2003 - 03:56
windows automatic update installed it for me anyway but thanks :)
where r u uk? usa?canada? aus?

uk why?

Originally posted by stupidguy@14 October 2003 - 03:59
uk why?
me 2 when did they update u? we not had it yet?

i dont know.....i just checked remove programs list and its there..........

Originally posted by stupidguy@14 October 2003 - 04:07
i dont know.....i just checked remove programs list and its there..........
last one we got was oct 4th. cumualitive patch for ie6 service pack one is wat we got

Originally posted by nikita69@13 October 2003 - 19:48
If you have Sygate Firewall:

Go here. How to protect against the Microsoft RPC vulnerability (http://forums.sygate.com/vb/showthread.php?postid=27914&highlight=block+port#post27914)

btw, I have to slip this funny one from MS usual security bulletins:
Summary
................Who should read this bulletin: Users running Microsoft ® Windows ® :lol: :lol:
I&#39;m on Windows 2000, I don&#39;t share files or printers with anyone. So according to this, if we use Sygate Personal Firewall to block internet access to and from "Generic Host Process for Win32 Services", we are safe from the RPC vulnerability?

I just turned it off when i got the first blaster and have been fine.

i got the 1st worm and the weltch worm thanks for the tip didnt know there was a second :blink:

OK, I think I am a little paranoid here. At the Sygate forum it says:

Note: No action is needed if you are running Sygate Personal Firewall STD or Sygate Person Firewall PRO with Network Neighborhood file and print sharing disabled within SPF.
Here are my settings for Network Neighborhood:

http://www.chinkii.com/uploads/album/misc/sygate_krackhead2k.jpg

Am I in possible danger, or safe and just paranoid?

looks finehttp://smilies.sofrayt.com/%5E/u/djsmile.gif

i trust norton to tell me like it did with te last one.....and ie update if tht one ever happens again&#33;

I heard Shared Holder said that you have to close some ports of your Internet...

How do you do that?

Originally posted by Cygnuz&#045;Y@14 October 2003 - 06:15
I heard Shared Holder said that you have to close some ports of your Internet...

How do you do that?


How can I close a port? (http://www.anti-trojan.net/en/tec021114.aspx)

Originally posted by sharedholder+14 October 2003 - 06:23--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (sharedholder @ 14 October 2003 - 06:23)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin-Cygnuz&#045;Y@14 October 2003 - 06:15
I heard Shared Holder said that you have to close some ports of your Internet...

How do you do that?


How can I close a port? (http://www.anti-trojan.net/en/tec021114.aspx) [/b][/quote]
noob Q this Windows 2000 and Windows XP. If installed, they open three ports automatically: 21, 25 and 80. Port 21 is the FTP server, port 25 the SMTP server (email server) and port 80 the webserver for http we need them all? i feel like a blonde nnow no offence

Is Windows 98 affected by any of this?

@KrackHead2k - it looks fine, I&#39;ll PM u shortly with a list of sites that could help u further in optimizing/securing ur OS.

Please note that:

RESULTS WILL VARY
No matter how good your systems may be, they&#39;re only as effective as what you put into them.