Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
Spyware Doctor Enterprise
Help me choose
What You Should Know About the Windows Blaster Worm New Popular
A new worm known as W32.Blaster.Worm (also known as MBlaster, W32/Lovsan.worm, MSBlast, W32.blaster.worm, Win32.posa.worm, Win32.poza.worm) has been identified that is seeking to exploit the vulnerability that was addressed by a recent Microsoft Security Bulletin. Blaster is designed to launch a denial of service attack against Microsoft's Windows Update Web site.
Issue
Microsoft recommends taking the following actions immediately:
For System Administrators and Technical Computer Users
Read the PSS Security Response Team alert for technical guidance.
For Home Computer Users
If you are using Windows NT 4.0, Windows 2000, Windows XP, or Windows Server 2003, you should follow the steps in this sequence to help protect your system and to recover if your system has been infected.
- Make sure you have a firewall installed and activated to help protect your computer against infection, before you take other steps. If your computer has been infected, activating firewall software will help limit the effects of the worm on your computer.
- If you have Windows XP or Windows Server 2003, follow these instructions to enable the Internet Connection Firewall.
- If you have Windows NT 4.0, Windows 2000 or Windows XP, you will need to install a third-party firewall. Most firewall software for home users is available in free or trial versions.
- Alternatively, if you use Windows 2000, you can take steps to block the affected ports so that your computer can be patched. Here are some modified instructions from the TechNet article HOW TO: Configure TCP/IP Filtering in Windows 2000.
- In the Control Panel, double-click Network and Dial-up Connections.
- Right-click the interface you use to access the Internet, and then click Properties.
- In the Components checked are used by this connection box, click Internet Protocol (TCP/IP), and then click Properties.
- In the Internet Protocol (TCP/IP) Properties dialog box, click Advanced.
- Click the Options tab.
- Click TCP/IP filtering, and then click Properties.
- Select the Enable TCP/IP Filtering (All adapters) check box.
- There are three columns with the following labels:
- TCP Ports
- UDP Ports
- IP Protocols
In each column, you must select the Permit Only option.
- Click OK.
- Download and install the security update addressed in Security Bulletin MS03-026 for the version of Windows that you are using from the Microsoft Download Center. When you click the appropriate link below, a dialog box appears. To begin the download process, do one of the following:
- To start the installation immediately, click Open or Run this program from its current location.
- To copy the download to your computer for installation at a later time, click Save or Save this program to disk.
- Make sure you install and use antivirus software.
- If you have antivirus software installed, get the latest virus definitions from your antivirus vendor's Web site.
- If you do not have antivirus software installed, visit Windows Catalog for a list of antivirus software vendors.
- If you think your computer has been infected, use the worm removal tool available at your antivirus vendor's Web site. For additional details on this worm from antivirus software vendors participating in the Microsoft Virus Information Alliance (VIA) please visit the following links:
Learn about Microsoft's Virus Information Alliance.
Affected Products
- Microsoft® Windows NT® 4.0
- Microsoft Windows® 2000
- Microsoft Windows XP
- Microsoft Windows Server 2003
Further Details
Source: Microsoft Corporation
Updated: August 15, 2003
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
