Cititi va rog ce scrie aici si luati patch-urile necesare, in conformitate cu sistemul de operare:
http://www.microsoft.com/technet/treevi ... 03-026.asp
Download:
Windows 2000: http://microsoft.com/downloads/details. ... laylang=en
Windows XP 32 bits: http://microsoft.com/downloads/details. ... laylang=en
Windows 2003 Server 32 bits: http://microsoft.com/downloads/details. ... laylang=en
Pentru celelalte sisteme, gasitzi linkul la prima adresa!
Spor!
Informatii despre virushii (cunoscutzi) care exploateaza aceasta vulnerabilitate:
W32.Blaster.Worm http://www.symantec.com/avcenter/venc/d ... .worm.html
FixTools: http://securityresponse.symantec.com/av ... .tool.html
http://vil.nai.com/vil/stinger/
W32.Randex.E http://securityresponse.symantec.com/av ... dex.e.html
FixTools: NOT available (YET). Revin cu info pe masura ce apare.
De asemenea, RECOMAND sa va facetzi update-ul la definitiile de virushi.
Revin cu info cu noutati, daca e cazul.
IMPORTANT: MS DCOM RPC Patch
-
Tyby
- Dungeon Keeper
- Posts: 602
- Joined: Sun Jul 06, 2003 10:39 pm
- Location: Bucuresti
- Contact:
IMPORTANT: MS DCOM RPC Patch
formerly known as gaurika ...
May the best from your past be the worst in your future!
Tyby out!
May the best from your past be the worst in your future!
Tyby out!
-
originaltup
- elder
- Posts: 1749
- Joined: Sun Jul 06, 2003 11:52 am
- Location: Ohio
New MSBlast variant plugs hole
A variant of MSBlast spread on Monday, but the new worm has an odd twist: It applies a patch for the vulnerability that it and other MSBlast worms use to infect Windows systems.
The new worm, dubbed W32.Welchia, W32/Nachi and Worm_MSBlast.D, appears to properly download the patch for both Windows 2000 and Windows XP from Microsoft's Web site. Moreover, the variant will delete itself the first time an infected computer starts up in 2004.
That doesn't mean that such worms are a good idea, said Joe Hartmann, North American director for antivirus research at security software firm Trend Micro.
"This is just a regular worm like anything else," he said. "In the end, they are going to cause more trouble than they help."
Despite the apparent lack of malicious intent, the worm still sends a great deal of unwanted traffic, as it tries to spread to other computers. In addition, if several computers download the patch from Microsoft at the same time, it could slow network performance, Hartmann said.
"That's the way we found out about this--when our clients came to us complaining of slow network performance," he said.
The original variant of the MSBlast worm continued to spread over the weekend and has likely infected more than 570,000 computers, according to security firm Symantec. The company's data measures the number of Internet addresses that show signs of a worm infection. Because Internet addresses don't correspond to single computers, the number is a rough estimate of total infections. Moreover, it is uncertain what fraction of those compromised computers has been cleaned of the infection.
Oliver Friedrichs, senior manager for Symantec's security response center, agreed that worms aren't a good way to distribute patches.
"I don't necessarily think whenever you infect someone's systems, install software and reboot the computer that that is a good thing," he said. "It still tries to propagate; it is still attacking people over the Internet."
The patching worm doesn't install software on all computers. The latest variant of MSBlast only plugs the security holes on the English, Korean and Chinese versions of Windows XP and Windows 2000. And it doesn't remove infections that have already compromised a computer.
The latest variant of the worm comes three days after Microsoft managed to dodge a denial-of-service attack promised by the original worm. The attack, which would have leveled a flood of data at Microsoft's Windows Update site, was foiled when the software giant deleted the address the worm was targeting. The worm is expected to continue to spread despite the aborted attack.
Microsoft also announced on Friday that an e-mail hoax is circulating. The subject line of the e-mail is "updated," and the message appears to contain a critical update to patch systems against the MSBlast worm. In reality, clicking on the attached file will infect the recipient's computer with a Trojan horse program. Antivirus company Sophos dubbed the new program Graybird. Microsoft warned consumers that it never uses e-mail to distribute patches.
sursa: http://news.softnews.ro/news/2/2003/August/4323.shtml
A variant of MSBlast spread on Monday, but the new worm has an odd twist: It applies a patch for the vulnerability that it and other MSBlast worms use to infect Windows systems.
The new worm, dubbed W32.Welchia, W32/Nachi and Worm_MSBlast.D, appears to properly download the patch for both Windows 2000 and Windows XP from Microsoft's Web site. Moreover, the variant will delete itself the first time an infected computer starts up in 2004.
That doesn't mean that such worms are a good idea, said Joe Hartmann, North American director for antivirus research at security software firm Trend Micro.
"This is just a regular worm like anything else," he said. "In the end, they are going to cause more trouble than they help."
Despite the apparent lack of malicious intent, the worm still sends a great deal of unwanted traffic, as it tries to spread to other computers. In addition, if several computers download the patch from Microsoft at the same time, it could slow network performance, Hartmann said.
"That's the way we found out about this--when our clients came to us complaining of slow network performance," he said.
The original variant of the MSBlast worm continued to spread over the weekend and has likely infected more than 570,000 computers, according to security firm Symantec. The company's data measures the number of Internet addresses that show signs of a worm infection. Because Internet addresses don't correspond to single computers, the number is a rough estimate of total infections. Moreover, it is uncertain what fraction of those compromised computers has been cleaned of the infection.
Oliver Friedrichs, senior manager for Symantec's security response center, agreed that worms aren't a good way to distribute patches.
"I don't necessarily think whenever you infect someone's systems, install software and reboot the computer that that is a good thing," he said. "It still tries to propagate; it is still attacking people over the Internet."
The patching worm doesn't install software on all computers. The latest variant of MSBlast only plugs the security holes on the English, Korean and Chinese versions of Windows XP and Windows 2000. And it doesn't remove infections that have already compromised a computer.
The latest variant of the worm comes three days after Microsoft managed to dodge a denial-of-service attack promised by the original worm. The attack, which would have leveled a flood of data at Microsoft's Windows Update site, was foiled when the software giant deleted the address the worm was targeting. The worm is expected to continue to spread despite the aborted attack.
Microsoft also announced on Friday that an e-mail hoax is circulating. The subject line of the e-mail is "updated," and the message appears to contain a critical update to patch systems against the MSBlast worm. In reality, clicking on the attached file will infect the recipient's computer with a Trojan horse program. Antivirus company Sophos dubbed the new program Graybird. Microsoft warned consumers that it never uses e-mail to distribute patches.
sursa: http://news.softnews.ro/news/2/2003/August/4323.shtml
-
sl0bizz
- elder
- Posts: 671
- Joined: Mon Jul 14, 2003 7:33 pm
- Location: Boston
- Contact:
Mai nou, un midi devine periculos:
http://www.microsoft.com/technet/treevi ... 03-030.asp
RPC-ul are doar pentru NT/2000/Xp, asta e "bun la toate".
http://www.microsoft.com/technet/treevi ... 03-030.asp
RPC-ul are doar pentru NT/2000/Xp, asta e "bun la toate".
Daca va prisosesc sau va trebuie obiecte, incercati Freecycle Bucuresti. Daca nu va trebuie nimic, ma supar.
Who is online
Users browsing this forum: No registered users and 12 guests