Dang Dawg Darn Worm

[Kruzr]

Well for the 2nd time in 2yrs I got hit by a worm/virus. Microsoft really needs to plug up the holes!

Dang address list. People should not use an address list on their computer. Jot the email address down like I do on a 'post it' note.

Ugh!

Beware of the worm called :: W32.BLASTER.WORM aka MSBLAST
Update Windows Now!!!

[Phineus]

BigDogge just posted this link on the main

http://securityresponse.symantec.com/av ... .worm.html

I hope it helps.

[Phineus]

Update. American Pride found a MS patch


http://microsoft.com/downloads/details. ... E40F69C074

[ZOtm_BigDOGGe]

Install those firewalls everone, and USE them 100% of the time that your computer is on the net....if you are connected 24 hours a day, then run your firewall 24/7...

....and I recommend turning HTML off in your email....Malicious code can be executed that way.

Don't trust the built-in XP firewall...it only blocks incoming data, and doesn't protect your netbios port.

I ran updated antivirus scans on both my XP and Win98 machines last night...no bugs.

[legwon]

personnally, i am using the XP firewall and have no problems. i run through grc.com every couple of months and it says im A-OK. even the new port program he has says im 100% stealth.
(large pic) http://www.mwg.mw-gaming.com/legwon/pics/grc_sth.jpg

[Wint]

To repeat what BigDOGGe shared and then some:

The exploit the current worm is using, in a nutshell: "By sending a specially crafted message to the TCP port 135 of a vulnerable host, remote attackers can exploit the flaw to obtain full access to the target system." So simple! Luckily Win98 seems immune.

Port testing at GRC:
http://grc.com/default.htm

Frisk, the F-prot/F-secure people, have great info and free removal tools:
http://www.europe.f-secure.com/v-descs/msblast.shtml

Symantec has info and tools:
http://securityresponse.symantec.com/av ... .worm.html

Frisk, makers of F-prot have other info:
http://www.f-prot.com/virusinfo/descrip ... lastA.html

McAfee has info too:
http://us.mcafee.com/virusInfo/default. ... s_k=100547

Symantec's downloadable fix seems an easy route:
http://securityresponse.symantec.com/av ... .tool.html

As for anti-virus in general, I happen to use F-prot for DOS (works under all windows versions):
http://www.f-prot.com/download/download_fpdos.html
ftp://ftp.f-prot.com/pub/dos/

F-prot definition update updated just daily:
ftp://ftp.f-prot.com/pub/fp-def.zip

[ZOtm_BigDOGGe]

Leg, I hear the XP firewall doesn't block the netbios port ( I didn't see the test for it, but maybe MS finally plugged that hole...My XP filewall used to fail the old test with the netbios scan).

I DID hear that some firewalls only block incoming data, and do nothing to programs installed on your machine trying to send data out without telling you (like spyware or a trojan...Real-player is an example))....Zone Alarm blocks in both in & outward directions, and tells you which programs it is blocking, and in which direction the data is trying to flow...

Head back to GRC.com, download the tiny LEAKTEST utility, and see if the XP firewall is blocking programs on your computer from reaching out.....When you run leaktest.exe, Zonealarm should give a pop-up saying something like:

"do you want to allow leaktest firewall testing utility to access the internet?".

Answer NO, and leaktest will tell you if it could get through to the internet or not.

http://grc.com/lt/leaktest.htm

----------------------------------------

If you get NO warning message, and/or Leaktest says it could get through, then your firewall isn't providing enough protection.

[Fila]

XP sucks.

When i installed it and went to "Windows Update" i had to download a total of 45megs of critical patches.

In 98se, 3 months ago when i went for a Windows Update i only had to download around 25megs of critical updates (or even less, i can't remember exactly).

Is this that worm that makes your computer attack Bill Gates website on 16 August telling him to stop messing around and do some real programming?

[ZOtm_BigDOGGe]

I don't know about attacking bill's "site" but it did have that very message for him hidden within the bug.

The worm contains the following text, which is never displayed:

I just want to say LOVE YOU SAN!!
billy gates why do you make this possible ? Stop making money and fix your software!!

[Fila]

Ineed Dogge, this is the worm.

It programs all the infected computers who are online on 16th of August to attack a billie site and to display this message to him.

The worm does not do any other damages except ocasional lock-ups and sometimes crappy pc speed.

It won't delete anything or infect any sensitive computer thingies. Hopefully the people who DO want to destroy your computer won't replicate this worm.

[Drive2Survive]

Reportedly, users who have the automatic Windows Update service enabled will have had the fix for the hole this worm exploits installed a month ago, according to what I've read on more than one site. The fix has been available since July.

The problem is that many users disable the Update service because of suspicion about what it does, or misinformation and confusion... many think that every time it gives them an update notice, it's a hack attack against their computer, or they flat don't like or trust it (Fila, you even once posted a link to a third-party program designed to block Windows Update for people who think it sends info about them to MS). I'm not necessarily going to support Windows Update in the face of anyone who wants to argue against it, but it's always been a no-brainer for me to let it do it's thing.

I fortunately haven't been hit by it - whether that's thanks to Windows Update, PC-cillin's firewall or just dumb luck I don't want to hazard a guess - but it's an offensive little bugger alright. On Tuesday evening it practically crashed the entire university network, and yesterday a lot of my fellow students had stories about how it had hit them (desperately hoping the updates would download before the machine reset again, or the case of successfully removing it only to get reinfected as soon as they go online to get the MS fix...).

[ZOtm_BigDOGGe]

I have my auto-updates all turned off......I prefer to know when my computer is trying to contact someone or something on the internet, and I prefer to select when to do so. I update most of my software anyway on a regular basis (important updates like virus definitions and such, that is).

By installing a good firewall (and using it!), and scanning EVERYTHING I download for virus's, my XP machine stayed clean, even without that update. I've seen people say "I use my firewall when on the internet, except when...."

There is no "except when" allowed when dealing with virus's.....use your firewall 100% of the time....If it gives you problems playing games, then you don't have it set-up properly.

[ch_2005]

simple capitalism: if you dont like somthing then dont buy it.

if they think XP has too many holes then they shouldnt buy it.
there's no requirement that an OS have no holes. people will just stop buying it and the company will go out of buisness. thats the nature of capitalism. there's no reason to demonstrate a security hole. they could just send billy a note. if bill doesnt fix it then less people will buy his OS. his loss.

ugh.

[ZOtm_BigDOGGe]

people will just stop buying it and the company will go out of buisness. thats the nature of capitalism.

And it works, unless said company has a monopoly on said product....everything breaks down if consumers get only one choice of Operating System to run their WINDOWS compatible software...

[Fila]

Yeah that sucks. If only all the games would work on Linux...

[Kruzr]

XP sucks.

When i installed it and went to "Windows Update" i had to download a total of 45megs of critical patches.

In 98se, 3 months ago when i went for a Windows Update i only had to download around 25megs of critical updates (or even less, i can't remember exactly).

Is this that worm that makes your computer attack Bill Gates website on 16 August telling him to stop messing around and do some real programming?

I know how ya feel. My last WinXp update was back in April. Just went back to see if anything new and there's tons of stuff. Sheesh!

Pay $50 for a program and get 1 or 2 patches. Pay $100 (or more) and have to DL lots of patches. Sad, very sad.

[Kruzr]

simple capitalism: if you dont like somthing then dont buy it.

if they think XP has too many holes then they shouldnt buy it.
there's no requirement that an OS have no holes. people will just stop buying it and the company will go out of buisness. thats the nature of capitalism. there's no reason to demonstrate a security hole. they could just send billy a note. if bill doesnt fix it then less people will buy his OS. his loss.

ugh.

You do realize that about 90%+ of all the computers in the world run Windows. We (ie World) are very dependant on computers. And there really is nothing else out there to challenge Microsoft.

I cannot see the world not buying Windows until somone comes up with something better and has the resources that MS has to challenge them.

[Fila]

I just wish Linux would stop beeing a server OS.

I know that with the latest versions Red Hat and all the others are trying to break in the personal computers domain too but i wish i'd have Linux with Windows compatibility (as in games most importantly since when it comes to programs you can find tons of alternatives to the windows's ones).