W32.Blaster
http://zdnet.com.com/2251-1110-5062637.html
Users of the following products are vulnerable to infection by this worm:
It is very important that you check the Security site
regularly for the most recent news:
http://go.microsoft.com/?linkid=220931
In This Newsletter:
--Who Is Vulnerable
--4 Steps for Home Users
At 11:34 A.M. Pacific Time on August 11, Microsoft
began investigating a worm reported by Microsoft Product
Support Services (PSS). A new worm commonly known as
W32.Blaster.Worm has been identified that exploits the
vulnerability that was addressed by Microsoft Security
Bulletin MS03-026.
Who Is Vulnerable?
Users of the following products are vulnerable to
infection by this worm:
. Microsoft® Windows NT® 4.0
. Microsoft Windows® 2000
. Microsoft Windows XP
. Microsoft Windows Server(TM) 2003
Your computer is not vulnerable to the Blaster worm if
either of these conditions apply to you:
. If you are using Microsoft Windows 95; Windows 98;
Windows 98 Second Edition (SE); or Windows Millennium
(Me).
. If you downloaded and installed security update
MS03-026 prior to August 11, the date the worm was
discovered.
4 Steps for Home Users
If you are using Windows NT 4.0, Windows 2000, Windows
XP, or Windows Server 2003, you should follow the
steps in this sequence to help protect your system and to
recover if your system has been infected.
1. Enable a Firewall: Make sure you have a firewall
activated to help protect your computer against
infection before you take other steps. If your computer has
been infected, activating firewall software will help
limit the effects of the worm on your computer.
The latest Windows operating systems have a firewall
built in. Windows XP and Windows Server 2003 users
should print or save the following instructions for how to
enable their firewall.
If your computer is rebooting repeatedly, disconnect
from the Internet before you enable your firewall. To
disconnect your computer from the Internet:
. Broadband connection users: Locate the cable that
runs from your external DSL or cable modem to the wall
and unplug that cable either from the modem or from
the telephone jack.
. Dial-up connection users: Locate the telephone
cable that runs from the modem inside your computer to
your telephone jack and unplug that cable either from the
telephone jack or from your computer.
Follow the instructions provided for your operating
system, and then reconnect to the Internet.
. Windows XP Professional users:
http://go.microsoft.com/?linkid=220932
. Windows XP Home Edition users:
http://go.microsoft.com/?linkid=220933
. Windows Server 2003 users:
http://go.microsoft.com/?linkid=220934
. Windows NT 4.0 and Windows 2000 users: You will
need to install a third-party firewall. Most firewall
software for home users is available in free or trial
versions. If you are unable to download a firewall
product, please check with your local computer retailer.
Check the following resources for more information on
personal firewalls:
-- ZoneAlarm Pro (Zone Labs):
http://go.microsoft.com/?linkid=220935
-- Tiny Personal Firewall (Tiny Software):
http://go.microsoft.com/?linkid=220936
-- Outpost Firewall (Agnitum):
http://go.microsoft.com/?linkid=220937
-- Kerio Personal Firewall (Kerio Technologies):
http://go.microsoft.com/?linkid=220938
-- BlackICE PC Protection (Internet Security
Systems):
http://go.microsoft.com/?linkid=220939
Windows 2000 users: Alternatively, you can take steps
to block the affected ports so that your computer can
be patched. Here are some modified instructions from
the TechNet article HOW TO: Configure TCP/IP Filtering
in Windows 2000:
http://go.microsoft.com/?linkid=220940.
2. Update Windows: If you are disconnected from the
Internet, remember to reconnect before you take the next
steps. Download and install the security update
addressed in Security Bulletin MS03-026 for the version of
Windows that you are using from the Microsoft Download
Center.
-- Windows NT Server 4.0 and Windows NT Workstation
4.0:
http://go.microsoft.com/?linkid=220941
-- Windows NT Server 4.0, Terminal Server Edition:
http://go.microsoft.com/?linkid=220942
-- Windows 2000:
http://go.microsoft.com/?linkid=220943
-- Windows XP: The vast majority of Windows XP
customers use this version. If you are unsure, it is likely
that you are using this version.
http://go.microsoft.com/?linkid=220944
-- Windows XP (64 bit): The 64-bit version of Windows
XP requires special hardware to run. If you are
unsure, it is likely that you are not running this version
of Windows XP.
http://go.microsoft.com/?linkid=220945
-- Windows Server 2003:
http://go.microsoft.com/?linkid=220946
-- Windows Server 2003 (64 bit):
http://go.microsoft.com/?linkid=220947
3. Use Antivirus Software: Make sure you have the
latest updates installed.
. If you already have antivirus software installed,
go to your antivirus vendor's Web site to get the
latest updates, also known as virus definitions.
. If you do not have antivirus software installed,
get it. If you are unable to download antivirus
software, please check with your local computer retailer. The
following vendors participating in the Microsoft Virus
Information Alliance (VIA) offer antivirus products
for home users:
. Network Associates:
http://go.microsoft.com/?linkid=220948
. Trend Micro:
http://go.microsoft.com/?linkid=220949
. Symantec:
http://go.microsoft.com/?linkid=220950
. Computer Associates :
http://go.microsoft.com/?linkid=220951
Learn about Microsoft's Virus Information Alliance:
http://go.microsoft.com/?linkid=220952.
4. Remove the Worm: If you think there is even the
slightest possibility that your computer might be
infected, use the worm removal tool available at your
antivirus vendor's Web site. For additional details on this
worm from antivirus software vendors participating in
the Microsoft Virus Information Alliance (VIA) please
visit the following links:
-- Network Associates:
http://go.microsoft.com/?linkid=220953
-- Trend Micro:
http://go.microsoft.com/?linkid=220954
-- Symantec:
http://go.microsoft.com/?linkid=220955
-- Computer Associates:
http://go.microsoft.com/?linkid=220956
Panda:
http://www.pandasoftware.com/download/
Microsoft Communities is your launching pad for
communicating online with peers and experts about Microsoft
products, technologies, and services:
http://go.microsoft.com/?linkid=220929
Manse9933