| OT: Hehehe! Anti-blaster worm [message #40849] |
Tue, 19 August 2003 19:30  |
 |
YSLMuffins
Messages: 1144
Registered: February 2003
Location: Moved a long time ago (it...
Karma:
|
General (1 Star)
Moderator - Mod Forum |
|
|
As of now, this worm is on the front page of Symantec's website.
The W32.Welchia.Worm supposedly:
[list]
[*]download and install the DCOM patch from Windows update and restarts the computer after the patch is installed
[*]attempts to spread itself to other vulnerable computers
[*]Attempts to remove the W32.Blaster.Worm[/list:u]
| Quote: |
Damage
Payload:
Deletes files: Deletes msblast.exe. :rolleyes:
Causes system instability: Vulnerable Windows 2000 machines will experience system instability due to the RPC service crash.
Compromises security settings: Installs a TFTP server on all the infected machines
|
Symantec has classified this worm as a Category 4, which I think is the most dangerous. :-\ Also, if the worm discovers that the date is 2004, it deactivates and removes itself.
I guess if this worm alerted you to its presence, it might cause less ruckus, but less people would end up patching their systems.
-YSLMuffins
The goddess of all (bread products)
See me online as yslcheeze
|
|
|
|
Search
Help
Members
Register
Login
Home
