www.whizpr.nlProgressCommunications.euwww.marcommit.nl
ProgressCommunications.euwww.deepr.nlwww.whizpr.nl

Volg ook via:
Datum: (23 jaar en 31 dagen geleden)
Bedrijf:
PR: Whizpr

Virus Alert: New Msblast Variant Targets Original Worm, Patches Systems

New Msblast Variant Targets Original Worm, Patches Systems

Worm MSBLAST.D deletes MSBLAST.A on some infected systems; then installs Microsoft patches repairing Windows security flaw

Virus name: WORM_MSBLAST.D
Virus type: Worm
Pattern file needed: 614 available now
Outbreak Prevention Policy: 47 available now Trend Micro System Cleaner: 161 available now Overall Risk Rating : Medium Reported infections: Medium Damage Potential: High Distribution Potential: High

Trend Micro has detected a new variant of the MSBLAST worm, WORM_MSBLAST.D, which attempts to delete the original worm (WORM_MSBLASTA, a/k/a Blaster, Lovesan) from some infected systems and installs Microsoft patches designed to repair the vulnerability which enabled it to spread.

The worm usually arrives as DLLHOST.EXE (~10,240 bytes). (Note that there is a system file with the same name but is only 6 kilobytes in
size.) Like the original worm, MSBLAST.D spreads solely through Internet traffic and exploits the RPC DCOM buffer overflow security flaw in Microsoft's Windows operating system. However, preliminary analysis shows that this worm is able to delete the MSBLAST.EXE file on Windows 2000 and Windows XP, which was delivered by WORM_MSBLAST.A and download patches to the RPC DCOM buffer overflow exploit. Customers should be aware that WORM_MSBLAST.D is still considered as malicious code as it scans for un-patched systems and downloads itself to them.

The following strings are visible in the worm body:
=========== I love my wife & baby :-)~~~ Welcome Chian~~~ Notice: 2004 will remove myself:-)~~ sorry zhongli~~~=========== wins

The original MSBLAST worm was intended to launch a distributed denial of service attack by infected machines on Microsoft's Windows Update Web site lasting until the end of the month. However, it targeted an incorrect address (http:\\windowsupdate.com) from which Microsoft normally redirected traffic to the service. Microsoft was able to deflect the worm's attack by disabling the redirect and shutting down the Web page. The Windows Update Web site is used to deliver software updates and patches to Microsoft customers and is also the location where users go to obtain protection against vulnerabilities such as RPC DCOM buffer overflow.

The vulnerability, which was confirmed by Microsoft in a security bulletin on July 16, 2003, can allow intruders full access and the ability to execute any code on target machines, leaving them seriously compromised. It affects recent versions of the Windows operating system:
Windows NT, 2000 and XP.

For more information on the RPC DCOM Buffer Overflow, please visit the following Microsoft page:
Microsoft Security Bulletin MS03-026
http://www.microsoft.com/technet/treeview/?url=/technet/security/bulleti
n/MS03-026.asp

Non-Trend Micro users with Internet connections can use HouseCall, Trend Micro's free online virus scanner, at http://housecall.trendmicro.com/ The Trend Micro Virus Map displays information about worldwide virus trends based on actual virus infections detected by Trend Micro http://www.trendmicro.com/map/

###

About Trend Micro
Trend Micro is a leader in network antivirus and Internet content security software and services. The Tokyo-based corporation has its European headquarters in Marlow, England, and business units worldwide.
Trend Micro products are sold through corporate, value-added resellers and managed service providers. For additional information and evaluation copies of all Trend Micro products, visit:
http://www.trendmicro-europe.com
 
Trend Micro and the t-ball logo are trademarks or registered trademarks of Trend Micro Incorporated.  All other company or product names may be trademarks or registered trademarks of their owners.

For further information, please contact:
Anna Wright
EMEA PR Manager, Trend Micro
T. +44 (0)1628 400 534
E. anna_wright@trendmicro.co.uk

Annegees van Linge
Lammers van Toorenburg PR
T. +31 (0)30 6565 070
E. annegees@lvtpr.nl

Recent van Trend Micro  
TrendAI introduceert het ‘Inception Program’ en zet de volgende stap naar veilige innovatie met AI

Onderzoek TrendAI: “Zorgdata zijn ongeveer de meest waardevolle handelswaar geworden in de cybercriminaliteit”

TrendAI sluit zich aan bij Project Glasswing van Anthropic

Verstreken tijd: 23 jaar en 31 dagen
PR contact  

Logo Whizpr
Trend Micro contact  

+31 (0) 20 399 8304
www.trendmicro.com

Marcommit is hét full service B2B marketing bureau van Nederland! Wij helpen jouw bedrijf met offline en online marketing campagnes die écht werken.
 Spotlight  
Logo Productowner.nl
Logo ZAMKO
Logo Innvolve
Logo ClickPatrol
Logo NetRom Software
Logo RAVI RYAN MOHANLAL
Logo BTG
Logo NHA Opleidingen
Logo Polly.Help
Logo MI Consultancy
Logo Incentro
Logo Stromma Nederland
Logo Fairbanks
Logo Valid
Logo Westpoort
Logo Spryng
Logo We talk SEO B.V.
Logo Victoria ID
Logo DNA Services B.V.
Logo Twenty Four Webvertising
Logo Web Wings
Logo Web Wings
Logo BusinessCom
Logo Msafe
Logo SCOS ViaCloud BV
Logo Keuze.nl BV
Logo Spryng
Logo BusinessCom
Logo Web Wings
Logo Web Wings
Logo Schneider Electric
Logo Learned
Logo Red Hat
Logo Veeam Software
Logo KnowBe4
Logo HeadFirst Group
Logo Deel
Logo Nutanix
Logo Vultr
Logo Schneider Electric
Logo Mollie
Logo ZAMKO
Logo reichelt elektronik
Logo Conclusion Experience
Logo Bechtle Groep Nederland
TARIEVEN
Publicatie eenmalig €49

PUBLICATIEBUNDELS
6 voor €199
12 voor €349
Onbeperkt €499

EENMALIG PLAATSEN
Persbericht aanleveren

REGELMATIG PLAATSEN
Bedrijfsabonnement
CONTACT
Persberichten.com
JMInternet
Kuyperstraat 48
7942 BR Meppel
Nederland
info@persberichten.com
KvK 54178096

VOLGEN
@ICTBERICHTEN

ZOEKEN
IT bedrijf
IT PR-bureau
OVER ONS
Persberichten.com, hét platform voor IT/Tech persberichten

DATABASE
103924 persberichten
7050 bedrijfsprofielen
60 PR-bureauprofielen
17593 tags

KENMERKEN
• Behouden tekstopmaak
• Foto/illustratie/logo
• Downloadbare bijlages
• Profiel met socials
 
www.whizpr.nlProgressCommunications.euwww.marcommit.nl
www.deepr.nlProgressCommunications.euwww.whizpr.nl