Your Ad Here Your Ad Here
Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Updated Security Threat: Msblast.exe

  1. #1
    iMartin's Avatar ♥Home Grown♥ BT Rep: +9BT Rep +9
    Join Date
    Mar 2003
    Location
    BFE
    Posts
    1,912
    From Mess.be:

    Updated: D'z warned me about this earlier on and now Symantec released a security report regarding the W32.Blaster.Worm.

    This worm will exploit the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. It will attempt to download and run the file Msblast.exe.

    You should block access to TCP port 4444 at the firewall level, and block the following ports, if they do not use the applicaitons listed:

    TCP Port 135, "DCOM RPC"
    UDP Port 69, "TFTP"

    The worm also attempts to perform a Denial of Service on windowsupdate.com. This is an attempt to disable your ability to patch you computer against the DCOM RPC vulnerability.

    To find out whether you're infected, press Ctrl+Alt+Del and verify if the process 'MsBlast.exe' is running. If it is, kill the process MsBlast.exe from the task manager. Next, execute regedit.exe and search for the registry key:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

    Delete "windows auto update"="msblast.exe" from the right pane.

    Final step: delete msblast.exe from either the Windows System and/or System32 folders.

    Update #2: Do these instructions stupefy you? D'z was one of the very first to create an auto-cleaner for this worm, and now Symantec released a removal tool.

    [Detailed removal instructions: Symantec.com]



  2. Software & Hardware   -   #2

  3. Software & Hardware   -   #3

  4. Software & Hardware   -   #4
    iMartin's Avatar ♥Home Grown♥ BT Rep: +9BT Rep +9
    Join Date
    Mar 2003
    Location
    BFE
    Posts
    1,912
    which specifically targets computers running Windows XP and Windows 2000
    Well i guess im safe.



  5. Software & Hardware   -   #5
    what do I put here? BT Rep: +10BT Rep +10
    Join Date
    Jul 2003
    Location
    Australia N.S.W
    Age
    36
    Posts
    11,790
    yes well I tryed that but didnt work

    so i formated a fluked upgrading teh patch before it go me a 4th time

  6. Software & Hardware   -   #6
    Rip The Jacker's Avatar Retired
    Join Date
    Nov 2002
    Location
    Los Angeles, CA
    Age
    31
    Posts
    6,435
    Originally posted by [-Crono-]@12 August 2003 - 16:03
    which specifically targets computers running Windows XP and Windows 2000
    Well i guess im safe.
    I have Win2000. Everything is working great here, no probs.

  7. Software & Hardware   -   #7
    what do I put here? BT Rep: +10BT Rep +10
    Join Date
    Jul 2003
    Location
    Australia N.S.W
    Age
    36
    Posts
    11,790
    year seems to effect XP users more

  8. Software & Hardware   -   #8
    it effects all windows systems, not linux or MAC

  9. Software & Hardware   -   #9

  10. Software & Hardware   -   #10
    k i have 2 Questions how did everyone get it and i dloaded the porgram from microsoft is that enough to keep me safe i'm running on xp pro

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •