New Virus hitting hard and furious!!!
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html | 08/11/03 | self
Posted on 08/11/2003 2:33:46 PM PDT by STFrancis
All,
Here's a scoop to Freepers which is just now hitting us security pros.
There is a first vulnerability that uses the MS Bug that MS addressed with MS03-026 two weeks ago.
It is calling itself MSBLAST.exe and is spreading in the wild unbelievably fast. http://isc.sans.org/diary.html?date=2003-08-11
A first advisory from McAfee has just been published: http://us.mcafee.com/virusInfo/defa...&virus_k=100547
Once it finds a vulnerable system, it will spawn a shell on port 4444 and use it to download the actual worm via tftp. The exploit itself is very close to 'dcom.c' and so far appears to use the "universal Win2k" offset only.
In other words we need to make sure port 4444 is blocked inbound AND outbound.
Of course this is in addition to the MS03-026 patch being installed which Microsoft released two weeks ago (more info regarding the patch here: http://www.microsoft.com/technet/tr...n/MS03-026.asp).
Another advisory was JUST posted by Symantec: http://www.symantec.com/avcenter/ve...aster.worm.html
Just thought everyone ought to know.
Thanks...
TOPICS: Breaking News; News/Current Events; Technical
KEYWORDS: blaster; computer; firewall; internet; macuserlist; microsoft; msblast; techindex; virus; vulnerability; worm
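Added example, not part of the original post: a small detector for the pattern the post describes (a shell on TCP 4444 followed by a tftp fetch), run over constructed firewall log lines. The log format, the 10.0.0.0/8 internal range, the 60-second window, and the assumption that the tftp request goes back to the host that opened the shell are all illustrative choices, not taken from the post.

```python
import ipaddress
from datetime import datetime, timedelta

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumption: the protected LAN
WINDOW = timedelta(seconds=60)                 # assumption: max shell-to-tftp gap

# Constructed sample lines in an assumed format:
# <ISO time> <ALLOW|DENY> <proto> <src_ip>:<sport> -> <dst_ip>:<dport>
SAMPLE_LOG = """\
2003-08-11T14:02:11 ALLOW tcp 198.51.100.7:3313 -> 10.0.0.21:4444
2003-08-11T14:02:12 ALLOW udp 10.0.0.21:1045 -> 198.51.100.7:69
2003-08-11T14:03:40 ALLOW tcp 10.0.0.21:1050 -> 10.0.0.35:4444
2003-08-11T14:05:00 ALLOW tcp 10.0.0.40:1200 -> 203.0.113.9:80
2003-08-11T14:06:00 DENY tcp 198.51.100.8:4000 -> 10.0.0.50:4444
2003-08-11T14:06:02 ALLOW udp 10.0.0.50:1046 -> 198.51.100.8:69
"""

def parse(line):
    """Split one log line into (time, action, proto, src_ip, dst_ip, dst_port)."""
    ts, action, proto, src, _arrow, dst = line.split()
    sip, _sport = src.rsplit(":", 1)
    dip, dport = dst.rsplit(":", 1)
    return datetime.fromisoformat(ts), action, proto, sip, dip, int(dport)

def internal(ip):
    return ipaddress.ip_address(ip) in INTERNAL

def find_blaster_hosts(log_text):
    """Return {internal_host: set_of_reasons} for hosts matching the pattern."""
    shells = {}    # internal host -> (time, peer) of last ALLOWED inbound 4444
    findings = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, action, proto, sip, dip, dport = parse(line)
        if proto == "tcp" and dport == 4444:
            if internal(sip):  # an inside host reaching for someone's 4444 shell
                findings.setdefault(sip, set()).add("outbound-4444")
            if internal(dip) and action == "ALLOW":
                shells[dip] = (ts, sip)
        elif proto == "udp" and dport == 69 and internal(sip) and sip in shells:
            shell_ts, peer = shells[sip]
            if peer == dip and timedelta(0) <= ts - shell_ts <= WINDOW:
                findings.setdefault(sip, set()).add("shell-then-tftp")
    return findings

if __name__ == "__main__":
    for host, reasons in sorted(find_blaster_hosts(SAMPLE_LOG).items()):
        print(host, sorted(reasons))
```

Host 10.0.0.50 is not reported because the inbound 4444 connection was denied, which is the effect of the block the post recommends.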
To: Ernest_at_the_Beach
Thanks for the info, Ernest! Someone/something sent me the "w32/bugbear" virus yesterday, but Norton found it. First time in a long while that I got any kind of virus sent to me.
81 posted on 08/11/2003 5:41:10 PM PDT by meyer
To: CHICAGOFARMER
I had this on my laptop at work yesterday and today. The helpdesk fixed it pretty quickly with the MS patch.
82 posted on 08/11/2003 5:43:35 PM PDT by goosie
To: Ernest_at_the_Beach
There is an easier way. Download a copy of your favorite Linux distro, burn to cd, put cd in drive, push the reset button on front of computer, follow instructions on screen.
In about 10 minutes you will have a virus free system.
GRIN!!!
83 posted on 08/11/2003 5:44:23 PM PDT by amigatec
(There are no significant bugs in our software... Maybe you're not using it properly. - Bill Gates)
To: GoldMan
Be aware that Win95, Win95 OSR2 and Win98 are also no longer supported by Microsoft.
Win98 Second Edition is supported until September 30th, 2003.
WinME is supported until December 31st, 2003.
If you are running the original Windows 98 and a bug comes out that does affect it, there will be no patch for you. After the end of next month, any version of 98 will be unsupported, and after the end of the year, you must move up to Win2k or XP.
To: MrsEmmaPeel
Yes MrsEmma, Please enlighten us.
85 posted on 08/11/2003 5:50:34 PM PDT by jbstrick
(Behold the Power of CHEESE!)
To: PoisedWoman
Also, I only surf on AOL...will I be safe? No. Do what's being suggested in this thread.
86 posted on 08/11/2003 6:08:30 PM PDT by Timesink
To: STFrancis
This is the REAL DEAL. Within the last two hours I've gotten 3 'HELP' calls from friends and family all wondering why their machines keep re-booting themselves, reporting an RPC error.
Nasty.
87 posted on 08/11/2003 6:14:02 PM PDT by Daus
To: Woahhs; kitkat; Nettie; LenS; SengirV; ThinkPlease
Copy and paste it on the notes section of the comments box in the Get Info/General Information pulldown menu
Earlier versions of the MacOS did this automatically whenever you downloaded a graphic or piece of text off a web site; I don't know why this functionality was removed from OS X, but I do know it's the single most annoying "feature" of the current OS, IMHO.
Someone must have thrown together some hack to reinstate the functionality, but I've never happened to come across such a thing. If anyone knows where one can be found, I'd sure appreciate a pointer.
88 posted on 08/11/2003 6:16:03 PM PDT by Timesink
To: savedbygrace
Oh yeah! I just turned in my order for a dual 2GHz G5 with 4GB of PC3200 DDR400 SDRAM, and a very quick and fast external SCSI eight drive array on an ATTO UL3D, all cabled for dual channel 160MB/sec. Hoo. Hoo. Hoo. Hoo. *drool*
89 posted on 08/11/2003 6:18:22 PM PDT by Timesink
To: livius
livius and longjack,
Thank you. It worked!!!!
I sure appreciate your help!! :)
90 posted on 08/11/2003 6:18:28 PM PDT by Danette
(Bush 2004)
To: Knitebane
Probably not. This DCOM exploit is not known to affect Win9x (including WinME.) It is known to affect any version of Windows using the NT Kernel. This includes WinNT 3.51, 4.0 Workstation and Server, Win2K (all versions), WinXP and Win2003.
Needless to say, the "mainstream" news media has been universally reporting that the exploit affects "essentially all versions of Windows."
Aren't something like 30% of PC owners still running Win98? This sort of piss-poor journalism can cause these people a lot of grief as they run around looking for patches to their systems that are not needed and, indeed, do not exist.
91 posted on 08/11/2003 6:24:30 PM PDT by Timesink
To: STFrancis
This is posted from Redhat Linux 8.0 -- no worries here.
92 posted on 08/11/2003 6:25:37 PM PDT by gcraig
To: Timesink
Did I mention the 22" Apple Cinema Display? I've had that with a G4 for a while now, but it's definitely front and center with the new G5. With a 15" Viewsonic flat panel LCD to the right of it.
The G5 should run Final Cut Pro 4 pretty smartly, I'm thinking.
To: savedbygrace
Did I mention the 22" Apple Cinema Display? I've had that with a G4 for a while now, but it's definitely front and center with the new G5. With a 15" Viewsonic flat panel LCD to the right of it.
If I weren't sitting in front of a 17" flat-panel iMac right now, I may have had to kill you for mentioning that. ;)
What's good to clean these screens with, anyway? Is that special $30 kit from Apple the only safe way to go? Mine's getting a bit smudgy, but I'm afraid to apply any cleaner of any kind to it.
94 posted on 08/11/2003 6:32:08 PM PDT by Timesink
To: HairOfTheDog
Don't you know??? Linux hasn't ever required a patch either.
Oh, never mind, I guess my little google search that located patch #101,000+ doesn't apply, since they can't take out their frustration on Linus Torvalds, or won't, whichever comes first. I wonder where they started numbering those patches? :-)
Yeesh, I'm tired of all this "my OS can beat up your OS" bull$#1t. NOTE for all of you other OS bigots: I run Windows, Mac OS 9.x, OSX, Linux (couple of flavors), Unix (couple of flavors), Solaris and VMS. I do what works for the given place, time and application.
Only the naive think that one OS can be everything everywhere for everyone all of the time, or the unemployed, but maybe that's the same thing. :-)
95 posted on 08/11/2003 6:33:25 PM PDT by Ramius
To: savedbygrace
Did I mention the 22" Apple Cinema Display? I've had that with a G4 for a while now, but it's definitely front and center with the new G5.
Bitch!
96 posted on 08/11/2003 6:34:39 PM PDT by Woahhs
To: Ramius
Only the naive think that one OS can be everything everywhere for everyone all of the time, or the unemployed, but maybe that's the same thing. :-) LOL!
How would you like for this thread to be where you were trying to get advice and help? Might as well tell people to tie a rope on it and call it a boat anchor. -Would be as helpful as the damn disruptive alternate OS evangelists.
MS is the world most people are better off living in... I don't want to build a damn watch, I want to know what time it is.
97 posted on 08/11/2003 6:39:47 PM PDT by HairOfTheDog
(And whither then? I cannot say)
To: livius
Thank you! I am having the same problem, although it seems to have abated for the time being. I changed everything to "Take no Action" so I could download a trial of PC-Cillin without it rebooting and I'll download the patch as soon as it is done.
Thank you again.
98 posted on 08/11/2003 6:42:13 PM PDT by 2Jedismom
(HHD with 4 Chickens)
To: FairOpinion
"In other words we need to make sure port 4444 is blocked inbound AND outbound."
I'm just sitting here trying to figure out how to do this. Have 5 PCs behind a Linksys router and figured there must be a simple way to do this at the router to block port 4444 there.
If so, it's not obvious. I can forward ports and trigger ports, but how in the heck does one block a port at the router?
All help appreciated as I'm (obviously) not sharp enough at this to be running a home network.
99 posted on 08/11/2003 6:43:39 PM PDT by Lloyd227
To: STFrancis
bookmark
100 posted on 08/11/2003 6:43:52 PM PDT by freeangel
(freeangel)