D
David H. Lipman
January 07, Register - Microsoft releases Blaster clean-up tool. Microsoft this week
released a tool to clean up systems infected by the infamous Blaster worm and its sundry
variants. The software should eradicate the worm from infected Windows XP and Windows 2000
machines. However, users will still have to apply the original patch to prevent
re-infection. Normally, such clean-up technology is left to antivirus firms. But this isn't
a normal viral epidemic: ISPs say the worm is still generating malicious traffic, months
after its first appearance. Microsoft's Windows Blaster Worm Removal Tool will disinfect
machines infected with either the Blaster or Nachi worms. Nachi, released shortly after the
first appearance of Blaster in August, was designed to patch vulnerable systems. Rather
than help out, Nachi has instead become a serious nuisance. Its aggressive scanning
behavior blighted the operation of many networks - hence the need to kill the "cure", along
with the original Blaster worm.
The tool is available at:
http://www.microsoft.com/downloads/...8b?fe98?493f?ad76?bf673a38b4cf&displaylang=en
Source: http://www.theregister.co.uk/content/56/34751.html
Addendum:
The patch referenced above is for the RPC/RPCSS Buffer Overflow Vulnerability that is
addressed by Microsoft Security Bulletin MS03-39 http://support.microsoft.com/?kbid=824146
Removal is not enough, without applying the above patch the PC will just be re-infected.
Dave
released a tool to clean up systems infected by the infamous Blaster worm and its sundry
variants. The software should eradicate the worm from infected Windows XP and Windows 2000
machines. However, users will still have to apply the original patch to prevent
re-infection. Normally, such clean-up technology is left to antivirus firms. But this isn't
a normal viral epidemic: ISPs say the worm is still generating malicious traffic, months
after its first appearance. Microsoft's Windows Blaster Worm Removal Tool will disinfect
machines infected with either the Blaster or Nachi worms. Nachi, released shortly after the
first appearance of Blaster in August, was designed to patch vulnerable systems. Rather
than help out, Nachi has instead become a serious nuisance. Its aggressive scanning
behavior blighted the operation of many networks - hence the need to kill the "cure", along
with the original Blaster worm.
The tool is available at:
http://www.microsoft.com/downloads/...8b?fe98?493f?ad76?bf673a38b4cf&displaylang=en
Source: http://www.theregister.co.uk/content/56/34751.html
Addendum:
The patch referenced above is for the RPC/RPCSS Buffer Overflow Vulnerability that is
addressed by Microsoft Security Bulletin MS03-39 http://support.microsoft.com/?kbid=824146
Removal is not enough, without applying the above patch the PC will just be re-infected.
Dave