Worm- Megablast!! Be ready for the 16th!

[CoastPC]

Mentioned on Australian TV, on the news, this worm uses your PC to attack Microsoft (windowsupdate.com) using denial of service attacks. On the 16th to the 31st day of the following months: January through August and any day in the months of September to December.
Read about it here>> http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSBLAST.A  
How is your PC? You may be infected and dont know it. The above link gives you instructions on detecting and elimation if needed
Chris

<Edit reason-- To fix URL>

[SensoVision]

thanks for info Chris! it's good to be alerrted before it happen

[SensoVision]

Chris, I've check a link you gave me but it won't work, is it correct one?

[CoastPC]

I cant seem to get the (.A) on the end to remain hot? I have edited the post to explain!  Maybe you can make it work??
All it needs is the .A  to complete the URL..
Chris

[SensoVision]

sure just use BB code, you can find info about it here: http://forum.weblamp.net/YaBBHelp/posting.html#yabbc

[12noon]

Just got this email from my ISP :-

Dear customer,

If you use Windows NT4, Windows 2000, Windows XP or Windows 2003 you may be at risk from a new virus known as MSBlaster.  This virus exploits a known security issue with Windows operating systems.  It can cause your computer to reboot and can also result in slow speeds whilst browsing the Internet.

If you are running one of these operating systems please visit the Symantec website
http://www.sarc.com/avcenter/venc/data/w32.blaster.worm.html
where you can find further information, including instructions on how to remove this virus.

You can also visit the Microsoft site
http://www.microsoft.com/security/security_bulletins/ms03-026.asp
to get the latest security updates.

If you are having problems accessing either of these sites, or would like further information, please visit
http://help.blueyonder.co.uk/blaster

As this is a Microsoft technical issue customers should contact Microsoft technical support for further information at
http://support.microsoft.com

We strongly advise all customers to regularly update their anti-virus protection.

We are taking all the steps we can to minimise the impact of this virus on your service and appreciate your help.

Regards,
the team at blueyonder.

[Queen Bee]

Thanks for the info Chris! I will be on the look-out

[greg]

i got hit by it already last night, i had no clue what was going on when it happened. i jsut searched for the error and found a patch and fixed it up

[CoastPC]

Thanks Denis, the url is now fixed

[susieq]

Yes see, I was running late with being away, on all this info. on the
wormThere is so much decent and un-alarming information here than I could comeup with  
Many thanksto Chris, 12noon and Greg

It certainly pays to through the posts before jumping straight in, with other news, which may well be ancient, doesn't it? as in my case

[susieq]

So, now I came across a little more information of this 'worm' in an Aussie newspaper this time

Courtesy of The Age Newspaper

Microsoft resorts to text messages to patch up security
By Adam Turner
August 19, 2003
 
"Microsoft is warning Australia's IT community of critical security updates via SMS after vowing to overhaul its tangle of patch management services.

Those responsible for securing systems can subscribe to receive text message alerts of any business-critical Level 1 security bulletins, including the web address of full security bulletins and patches.

The service attracted about 700 subscribers on its first day last week, according to Microsoft. It was conceived after the Slammer worm ravaged SQL Server 2000 earlier this year, paralysing corporate IT infrastructure and preventing IT departments from receiving email bulletins about protecting themselves against the worm.

The move is part of the software giant's push to overhaul its "unwieldy'' patch management, says Microsoft's chief security strategist Scott Charney.

Security is too hard to manage and patch management is the industry's greatest security concern, Charney told a security discussion at Microsoft's premier technical conference, TechEd 2003, in Brisbane last week.

"The fact that it's so hard to manage is a function of the IT industry putting out things that are just too hard to configure, too hard to manage, too hard to audit,'' says Charney.

The overhaul is part of Microsoft's "trustworthy computing'' drive to improve its unscrupulous image. The initiative involved additional security training for employees, whose performance evaluations this year will take into account trustworthy computing concerns for the first time.

Actions speak louder than words and Microsoft's track record on security is lacking, says Charney.

He cites the company's failure to provide an installer for the patch protecting against the Slammer worm that ravaged SQL Server 2000, including Microsoft's own servers, by targeting a six-month-old vulnerability.

"I think the best way to change perceptions is to change your track record. This is not unique to Microsoft, but I think the industry as a whole did not focus on security as early as they should have.''

Charney delivered the keynote address at the 10th annual TechEd conference last week, which attracted more than 1600 attendees over four days to seminars, displays and hands-on labs.

Formerly of the US Department of Justice, Charney started as Microsoft's chief security strategist in 2002 and is now also chief trustworthy computing strategist.

"When I took this job in April, people said 'If you do anything, fix patch management','' he says.

Microsoft employs eight installer technologies but this will be consolidated to just two under a new patch management scheme; Update.exe for installing operating system updates and Microsoft Installer 3.0 - which had a beta release last week - for installing applications.

"Every patch will come with an installer. Patches should come with an uninstaller. Patches should register with the operating system so that if you want to test to see if you're patched there's an easy way to do that,'' says Charney.

"The goal is to get away from Windows Update and Office Update and get to Microsoft Update, where you can basically span the suite of products. In the enterprise space you'll see enhancements to Software Update Services and Software Management Services to incorporate that newer technology into the enterprise space as well.''

The Microsoft Baseline Security Analyser tool for checking if computers have the latest patches installed will reach version 2.0 by the end of the year.

Charney was US chief federal prosecutor for cybercrimes during the 1990s and, while in Australia last week, he met representatives of business and government groups, including  the Attorney-General's department and the Australian High Tech Crime Centre."

 

[ched]

I'm curious to see what SoBig.G holds in store for us.  Let's see, SoBig.F expires on September 10th, so the new version could be something nasty around ...

September 11th.

Not that I really think it is a terrorist 'attack', but the timing is rather ironic huh?

[Queen Bee]

Ironic and probably distasteful as well...