You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 430 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
New Windows Bug - MSBlast
Securitydezina writes "Found at BBC.co.uk.........
Quote"A Windows worm dubbed MSBlast is quickly spreading across the net and swamping net connections as it looks for more vulnerable machines to infect." End Quote.
Story at http://news.bbc.co.uk/1/hi/technology/3143625.stm
Fix is at http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html"
Posted on Tuesday, August 12 @ 09:25:14 CEST by [RETIRED]Raven
 
Related Links
· Computer Cops
· More about Security
· News by [RETIRED]Raven


Most read story about Security:
PHP-Nuke admin.php security hole - PATCHED

Article Rating
Average Score: 5
Votes: 1


Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad


Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend

Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register

Re: New Windows Bug - MSBlast (Score: 1)
by defendtherealm on Tuesday, August 12 @ 09:49:09 CEST
(User Info | Send a Message) http://www.fastvds.net

URGENT - This thing is really causing havoc...it sends RPC Shutdown requests to other PCs over the net.

2 people I already know have been victims of the RPC Shutdown requests. They get 50 odd seconds while their PC is shutting down.

What is annoying, is that those who are not technys may think they have a virus when they do not. They will rebuild their PC. Only to find it restarting when they connect to the internet again.

Off the top of my head...I advice those of you on XP goes into es into Administrative Tools....

Local Security Policy.

Click on Local Policies - User rights assignment

The look for "Force remote Shutdown of system"

Take out Administrators...

So even if you don't have a password on account with admin privilages....no one can ever shutdown your PC remotely using RPC ever again!

Windows 2000 users can do something similar....

Then you can get out there and get a decent firwall + virus scanner.

ZX I would put this comment on the front page though because some people mught not read this within 40-50 seconds.






EASY FIX (Score: 1)
by beanwebb on Tuesday, August 12 @ 12:06:54 CEST
(User Info | Send a Message) http://funportal.beanwebb.com
To fix this:

1) click Start | Run and type msconfig

2) got to the startup tab and remove the tick next to msblast

3) restart your computer in safe mode (press F8 before windows starts up)

4) Click Start | Search and look for msblast.exe and delete it

5) restart your computer. The virus is now gone.

6) go to this site and download the bug fix for your system:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

this will stop the virus from working

7) Use either Windows XP's Own firewall, or use Another like Zone Alarm (free), or Norton (not free), to block the port that the virus gets in from. Windows Xp's built in Firewall already does this by default, to activate it, go to Network Connections, right click on your internet connection, click on the security tab and tick the box to activate the firewall.

Thats it, you shouldnt see the thing again, it should also stop any new viruses, simlar to it from being downloaded.


  • Re: EASY FIX by defendtherealm on Tuesday, August 12 @ 12:51:26 CEST

Re: New Windows Bug - MSBlast (Score: 1)
by Monnet on Tuesday, August 12 @ 18:02:06 CEST
(User Info | Send a Message) http://europhilia.org
The Windows Update website appears to be down at the moment. I don't know if it is the DoS attacks this worm supposedly makes from infected computers, or if it is the general hysteria causing people to download patches in unprecedented numbers, or maybe it's just a special feature of those windows servers?


Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.106 Seconds - 172 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::