|
|
 |
|
|
Pages: 1
For the Good of the Internet, Patch your Windows!
(Click here to view the original thread with full colors/images)
Posted by: Canis Lupus
SAN FRANCISCO (Reuters) - An Internet worm that takes advantage of a recently discovered, widespread security hole in Microsoft Corp.'s MSFT.O Windows software emerged around the United States on Monday, crashing systems and spreading to vulnerable computers, security experts said.
The worm, dubbed LoveSan, Blaster, or MSBlaster, exploits a vulnerability in the Distributed Component Object service that is hosted by a Remote Procedure Call feature in Windows 2000 and Windows XP.
Once it gets onto a vulnerable computer, the program downloads code from a previously infected machine that enables it to propagate itself. Then, it scans the Internet for other vulnerable machines and attacks them, said Johannes Ullrich, chief technology officer at the Internet Storm Center at the SANS Institute.
Those who have been experiencing "Remote Procedure Call" errors resulting in countdowns to shutdowns (heh) should visit this link: http://www.microsoft.com/technet/tr...in/MS03-026.asp
And make sure to download the corresponding patch for your Windows operating system.
Click here for more info on the worm.
Posted by: d!g!talhardcore
I got that garbage today, I was reformatting my computer and I was wondering what the hell was going on. I got it taken care of, fortunately it was something simple, but a major pain.
Posted by: Null Actor
Also fun is how hackers and script kiddies can use the RPC bug to get in your system. My box was compromised for about 8 minutes saturday night. Till I ousted them with extreme prejudice.
Posted by: fibbi
what did you oust em with?
Posted by: Null Actor
Evil.
Posted by: d!g!talhardcore
 Quote:
Originally posted by Null Actor
Evil.
|
Nice, teach those beehotches a lesson 
Posted by: Daedleus
Link to the security patch here.
Posted by: Shalome
Update posted by Shalome:
So due to the recent Microsoft Security Bulletin regarding the vulnerability of Microsoft RPC (Remote Procedure Call) ports.. please, for the love of the internet, patch your Windows operating system!
Between the botnets that are currently attempting to exploit this hole in the operating system and the general malicious things people can do with this code exploit, it's in your best interest (and the general interest of the internet around you) to patch your system and avoid becoming a victim of what security experts are calling MSBILLY or MSBLASTER.
The guys at DShield.org posted the first analysis of this worm, which does the following damage:
1. SOURCE sends packets to port 135 tcp with variation of dcom.c exploit to TARGET
2. this causes a remote shell on port 4444 at the TARGET
3. the SOURCE now sends the tftp get command to the TARGET, using the shell on port 4444,
4. the target will now connect to the tftp server at the SOURCE.
Keep the internet safe! Patch your systems as soon as possible! If you can't patch your systems, at least block ports 135, 137, 445, and 4444 at your firewalls, both inbound and outbound. If you're in charge of routers and gateways, block these Microsoft ports if you haven't already...
One more update... if you've got this worm, Symantec has released a Removal Tool.
Posted by: SKYHN
Whenever I run windows update after one of these "patches" come out, theres never anything for me to download.
Posted by: Shalome
Good for you, SKYHN. Now. of only the rest of the internet would follow your example...
Posted by: Null Actor
I blame you for me getting hacked you know.
Posted by: SKYHN
Quote:
Originally posted by Shalome
Good for you, SKYHN. Now. of only the rest of the internet would follow your example...
|
But why is it that theres never anything for me to download? Is it because Im still living in the past using WinME and im unaffected? 
Posted by: Null Actor
Actually, this particular bug doesn't affect WinME. Funny, that.
Posted by: Shalome
Null, it was me who hacked you anyway. So NNYAAAH. :P
Posted by: Null Actor
I didn't know you listen to reggae and hang out on EFNet.
Posted by: Shalome
Who says my hack was visible? 
I MAY OWN YOU AND YOU DON'T KNOW IT. 
Don't worry, Null, you're on my safelist.
Posted by: taco_fox
Patch, you say?
Posted by: Canis Lupus
damn, I haven't encountered this exploit on my system the whole day ... I feel so left out 
Posted by: Null Actor
Quote:
Originally posted by Shalome
Who says my hack was visible?
|
My shiny new router.
Posted by: 9:35
I've been on 98 for years without problems.
Posted by: Outlaw
I had this happen once, a few days ago. I un-DMZ'd myself and never saw it again.
Posted by: Null Actor
Quote:
Originally posted by 9:35
I've been on 98 for years without problems.
|
You are probably the source of all worms by now.
Posted by: Fluid Earth
Quote:
Originally posted by Null Actor
My box was compromised for about 8 minutes saturday night. Till I ousted them with extreme prejudice.
|
Hackers love a fat honking pipe. They probably wouldn't bother with my capped cable upload.
Posted by: uh...ok
Direct Link for Win2K users:
http://download.microsoft.com/downl...980-x86-ENU.exe
Posted by: Freak
After I patched my roommate's computer, his internet ceases to connect. We're in the same dorm, so its not his connection because mine is obviously working. Also, another sympton is that Scandisk is no longer to be found. What the hell is going on? 
|
|
|
|
|
