Blaster update!
Cone Basher
Joined: Jan 2003
Posts: 2,650
Likes: 0
From: Houston, TX
It's funny how a firewall would easily stop this worm from even getting to your computer, and stop any access to the original security hole that Microsoft announced on 7/16/03.
At work, I've got 12 XP workstations, and a Win2k server. All of these are set to download Critical Windows Updates automatically, so we received the patch 3 weeks ago! We have Symantec Antivirus Corporate Edition, which updates the virus definitions every morning, and pushes it to all client computers. And on top of that, we have a normal Netgear FVS318 (VPN/Firewall router) sitting in between the DSL modem, and the rest of our network.
If you have a broadband connection for multiple users, there is no excuse for not having a firewall device. You should only use firewall software if you have a proxy server sitting between your network, and the Internet.
For regular dial-up users, or for broadband users with only one computer, you should use firewall software such as ZoneAlarm (http://www.zonelabs.com).
It's one thing for an average home user to get this worm, but businesses? :nono:
A firewall would be your first line of defense.
The 3 week old patch is your second line of defense.
The Anti-virus is your last line of defense (and it still won't protect you from the security hole).
At work, I've got 12 XP workstations, and a Win2k server. All of these are set to download Critical Windows Updates automatically, so we received the patch 3 weeks ago! We have Symantec Antivirus Corporate Edition, which updates the virus definitions every morning, and pushes it to all client computers. And on top of that, we have a normal Netgear FVS318 (VPN/Firewall router) sitting in between the DSL modem, and the rest of our network.
If you have a broadband connection for multiple users, there is no excuse for not having a firewall device. You should only use firewall software if you have a proxy server sitting between your network, and the Internet.
For regular dial-up users, or for broadband users with only one computer, you should use firewall software such as ZoneAlarm (http://www.zonelabs.com).
It's one thing for an average home user to get this worm, but businesses? :nono:
A firewall would be your first line of defense.
The 3 week old patch is your second line of defense.
The Anti-virus is your last line of defense (and it still won't protect you from the security hole).
Cone Basher
Joined: Jan 2003
Posts: 2,650
Likes: 0
From: Houston, TX
Originally posted by sxecrow
Final instructions to fix infected PCs:
1. Locate "msblast.exe" (Generally located at C:\winnt\system32\msblast.exe)
2. Delete it.
3. Go to Start->Run, and type "regedit"
4. Navigate through the tree to " HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run" and find the key labelled "windows auto update", which should contain "msblast.exe". Right click it, and select "delete".
5. Install the security patch so you don't have to do this again.
Final instructions to fix infected PCs:
1. Locate "msblast.exe" (Generally located at C:\winnt\system32\msblast.exe)
2. Delete it.
3. Go to Start->Run, and type "regedit"
4. Navigate through the tree to " HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run" and find the key labelled "windows auto update", which should contain "msblast.exe". Right click it, and select "delete".
5. Install the security patch so you don't have to do this again.
Cone Basher
Joined: Jan 2003
Posts: 2,650
Likes: 0
From: Houston, TX
Originally posted by qtiger
Yeah well... people are lazy and cheap, and then they gripe to MS when their own stupidity bites them on the ass.
Yeah well... people are lazy and cheap, and then they gripe to MS when their own stupidity bites them on the ass.
The security hole was announced, and a patch was released on 7/16/03
everyone predicted that someone would create a worm that would take advantage of it.
The worm came around on 8/11/03
the entire thing can be prevented with a good firewall. hell, XP has one built in to it!!! some people can't figure out how to turn it on!
Originally posted by tony
its really easy to remove. if you get it again just delete it. i'm using free trail virus protection for now
its really easy to remove. if you get it again just delete it. i'm using free trail virus protection for now
http://www.zonelabs.com
XP has one built in to it, and it shows all-stealth status on http://www.grc.com
Floppy Death! noES!!!
Joined: Oct 2002
Posts: 21,218
Likes: 0
From: Scranton, PA
Originally posted by LX4CYL
It's one thing for an average home user to get this worm, but businesses? :nono:
It's one thing for an average home user to get this worm, but businesses? :nono:
If they are getting infected from no firewall.... that's administrations fault. If they are getting infected by internal pc's that are purposefully insecure, that's IT's fault.
I agree. No business should be having as big a problem with this as much as they are. Pure stupidity and ignorance.
Home users? Yea, it happens. It's fixable. Least it's not Klez all over again.
I take calls on this all day, I have 1st and 2nd hand experiance totaling at least 100 cases.
Cone Basher
Joined: Jan 2003
Posts: 2,650
Likes: 0
From: Houston, TX
Originally posted by clickwir
I'm not getting into details... but the number of businesses effected by this is scarey. Computers you would think would AT LEAST be behind a company firewall are getting infected.
If they are getting infected from no firewall.... that's administrations fault. If they are getting infected by internal pc's that are purposefully insecure, that's IT's fault.
I agree. No business should be having as big a problem with this as much as they are. Pure stupidity and ignorance.
Home users? Yea, it happens. It's fixable. Least it's not Klez all over again.
I take calls on this all day, I have 1st and 2nd hand experiance totaling at least 100 cases.
I'm not getting into details... but the number of businesses effected by this is scarey. Computers you would think would AT LEAST be behind a company firewall are getting infected.
If they are getting infected from no firewall.... that's administrations fault. If they are getting infected by internal pc's that are purposefully insecure, that's IT's fault.
I agree. No business should be having as big a problem with this as much as they are. Pure stupidity and ignorance.
Home users? Yea, it happens. It's fixable. Least it's not Klez all over again.
I take calls on this all day, I have 1st and 2nd hand experiance totaling at least 100 cases.
I understand it happening to home users, since the average user wouldn't understand the concept of firewalls, virus updates, and security patches.
If you have a business with these kinds of problems, you should be ashamed of your self. :nono:
