BitDefender Antivirus Lab today announces the outbreak of a new, high-spreading worm - called Msblast (
Win32.MsBlast.A) - and releases a
free antidote to disinfect the already contaminated systems. The specialists compare it with "
Code Red" - a similar worm that caused over 350 000 infections in only two days - as it exploits a known vulnerability in Microsoft Windows 2000/XP. Accordingly to Computer Economics Cyber Attack Index, Code Red had an economic impact of 2.62 billions dollars in 2001, just by spreading and infecting hosts with an amazing speed.
The worm is a harsh attack to Microsoft security flaws, enclosing the message "
billy gates why do you make this possible ? Stop making money and fix your software!!". The exploit was
signaled and patched by Microsoft Corporation since July 16, 2003 (see
the security bulletin), but only few users updated their software.
"As the worm threatens all Windows 2000 and XP systems, it could wreak havoc among most computer users", warns Mircea Ciubotariu, Virus Researcher at BitDefender Lab, SOFTWIN. "Unlike Code Red, this one is not just affecting servers, but all computers using the newest software from Microsoft. It is a common situation that Windows users don't update their systems or do it very rarely, so we expect a high number of users to be affected by this new threat. It is also to be expected that the new worm will affect the Internet performance, because of the high-spreading routine", Ciubotariu concluded.
It is an Internet worm that exploits known security vulnerability in Microsoft's Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface. This security breach allows attackers to run code of his or her choice. TCP port directly affected by this exploit includes: 135.
As payload, the worm initiates denial of service (DoS) attacks on the Windows Update site (windowsupdate.com) after the 15th of August.
BitDefender antidote is available for
download for all infected users.
All Windows 2000 and XP users are urged to patch their systems from
http://www.microsoft.com/downloads/search.aspx?displaylang=en.
For more details, please contact us or see
the technical description.
For a permanent protection, BitDefender Antivirus commercial solutions are available for sale
on the Internet or
at local distributors and start from USD 29.95.
