MERGED-->Computer Help - Need ASAP + New MSFT Virus Fix + Windows Worm - Page 2 - U2 Feedback

Go Back   U2 Feedback > Lypton Village > Lemonade Stand > Lemonade Stand Archive
Click Here to Login
 
 
Thread Tools Search this Thread Display Modes
 
Old 08-12-2003, 12:51 PM   #16
Sizzlin' Sicilian
Forum Administrator
 
Sicy's Avatar
 
Join Date: Jan 2001
Location: Bay Area, CA
Posts: 69,297
Local Time: 05:38 PM
I always do Windows Update
__________________

__________________
Sicy is offline  
Old 08-12-2003, 03:16 PM   #17
Blue Crack Addict
 
MissVelvetDress_75's Avatar
 
Join Date: Dec 2001
Location: basking in my post-concert glow still mesmerized by the orbit of his hips..Also Holding Bono Close as he requested.
Posts: 25,776
Local Time: 08:38 PM
my IT dept just sent out an email informing us about this new virus. W32.Blaster.Worm that is hitting XP, Win 2000 and Win NT 4.0 users. i suppose this is the problem some of y'all are having?
__________________

__________________
MissVelvetDress_75 is offline  
Old 08-12-2003, 04:30 PM   #18
Rock n' Roll Doggie
ALL ACCESS
 
HeartlandGirl's Avatar
 
Join Date: Nov 2000
Location: Phoenix
Posts: 6,836
Local Time: 06:38 PM
Quote:
Originally posted by MissVelvetDress_75
my IT dept just sent out an email informing us about this new virus.
So did mine. They had warned us last week to get the update, so I think I'm covered for the moment, but it sounds like they've got their hands full.
__________________
HeartlandGirl is offline  
Old 08-12-2003, 04:41 PM   #19
Blue Crack Distributor
 
LarryMullen's POPAngel's Avatar
 
Join Date: Jun 2001
Location: I'll be up with the sun, I'm not coming down...
Posts: 53,698
Local Time: 08:38 PM
We had the same thing here at work today.

Don't these asses have anything better to do?
__________________
LarryMullen's POPAngel is offline  
Old 08-12-2003, 06:49 PM   #20
Paper Gods
Forum Administrator
 
KhanadaRhodes's Avatar
 
Join Date: Jun 2001
Location: a vampire in the limousine
Posts: 60,609
Local Time: 07:38 PM
times like this i'm glad i have windows update run every time there's a critical update. so 99% of the time i hear about things like this, i've installed the patch weeks ago.
__________________
KhanadaRhodes is offline  
Old 08-12-2003, 10:52 PM   #21
Elvis' Naughty Angel
 
Angel's Avatar
 
Join Date: Jan 2001
Location: not here
Posts: 4,609
Local Time: 09:38 PM
I got it too. Stooooopid worm. My understanding was it affected those that did updates yesterday. I never update.... and just yesterday I actually updated my virus scanner, how ironic, and I get this friggin virus. Anyway... I followed all the instructions and it came back on me before I downloaded the patch... so hopefully I will be ok. *crosses fingers. That system shutdown was a bugger.
__________________
Angel is offline  
Old 08-12-2003, 10:59 PM   #22
War Child
 
U2Lynne's Avatar
 
Join Date: Nov 2001
Location: San Francisco Bay Area, CA
Posts: 539
Local Time: 05:38 PM
Quote:
Originally posted by LarryMullen's_POPAngel
Besides updating Windows, was there anything any of us could have done to prevent this?
Sure, buy a Mac

I my .
__________________
U2Lynne is offline  
Old 08-13-2003, 12:54 AM   #23
Blue Crack Addict
 
bono_man2002's Avatar
 
Join Date: Jul 2002
Location: In the wrong band
Posts: 28,357
Local Time: 12:38 PM
not sure if this was posted:
Blaster worm spreading, experts warn of attack

The outbreak is the most serious since the SQL Slammer worm in January

By Paul Roberts, IDG News Service
AUGUST 12, 2003

Content Type: Story
Source: IDG News Service




A new worm that exploits a widespread vulnerability in Microsoft Corp.'s Windows operating system continued its spread today, making the outbreak the most serious since the appearance of the SQL Slammer worm in January, according to security experts.
The worm, referred to alternately as W32.Blaster, the DCOM Worm or Lovsan worm, first appeared on the Internet late yesterday and spread quickly, infecting machines running the Windows XP and Windows 2000 operating systems.

Blaster takes advantage of a known vulnerability in a Windows component called the Distributed Component Object Model interface, which handles messages sent using the remote procedure call (RPC) protocol. RPC is a common protocol that software programs use to request services from other programs running on servers in a networked environment.

Vulnerable systems can be compromised without any interaction from a user, according to Johannes Ullrich, chief technology officer at the SANS Internet Storm Center, which monitors threats to the Internet infrastructure.

The Internet Storm Center first detected the new worm around 3 p.m. EDT Aug. 11, and Blaster "took off" within the first hour of appearing, Ullrich said.

Last night, antivirus and computer security firms around the world issued warnings about the new worm and instructed users to patch affected Windows systems and block communications ports used by the worm to spread (see story). By this morning, those warnings appear to have had some effect, Ullrich said.

"The worm has pretty much leveled out now. ISPs [Internet service providers] blocked Port 135, which the worm used for propagation, and we're seeing a limited spread," he said.

A flaw in the worm's code that governs which flavor of exploit to use when compromising a vulnerable machine may also account for the slowdowns, Ullrich said. That flaw caused machines running Windows XP to crash and reboot, temporarily taking the host off-line and tipping off the machine's owner.

Ullrich put the number of machines infected by Blaster at 30,000 worldwide, fewer than the number infected by the Code Red and Nimda worms of 2001, but more than were infected by the recent Slammer worm.

even so, the worm caused problems for the Maryland Motor Vehicle Administration, which had to shut down its main offices today.

In a statement on its Web site, the agency said: "All MVA offices across the State closed at noon today, August 12, 2003. This statewide closure is due to a computer virus...."

The agency said all of the MVA offices will be open for business tomorrow.

At the University of Florida in Gainesville, network security engineer Jordan Wiens noticed a surge in attack traffic from an infected computer on the campus network around 3 p.m. EDT yesterday and worked quickly to block the worm's spread by shutting down ports that it uses to copy itself to other vulnerable machines.

The University of Florida uses firewalls and intrusion-detection system software to protect the campus network from Internet-borne attacks, but was probably undone by a user whose machine was infected at home, then connected to the campus network using a dial-up modem, Wiens said. Despite acting quickly to deploy filters to stop Blaster, the university's IT staff was coping with a sizable number of infected computers by 5 p.m. yesterday, he said.

While the worm's spread slowed yesterday evening and early today, the number of infected hosts is still very large, and new infections are likely as home users in Europe and the U.S. return from work and connect to the Internet from unprotected home machines today, according to Mikko Hypponen, manager of antivirus research at F-Secure Corp. in Helsinki, Finland.

The large base of infected machines also has experts worried about a denial-of-service attack that the worm is programmed to launch against Microsoft's automated Windows update Web site starting Aug. 16. Traffic directed at the site, http://windowsupdate.microsoft.com, from so many hosts could effectively shut down the service, which is used to distribute software updates and security patches to Microsoft Windows users, Hypponen said.

Unlike the Code Red worm, which contained code for a similar attack against the Internet Protocol address of the White House's main Web server, Blaster targets the http://windowsupdate.microsoft.com domain, preventing Microsoft from simply changing the address of the domain to sidestep the attack, he said.

Microsoft is aware of the denial-of-service threat and is looking at ways to make http://windowsupdate.microsoft.com more resilient against the Blaster worm, as well as future threats, a company spokesman said. That said, the Web site is "extremely resilient" and has never suffered a complete denial of service, he said.

"If there's an attack on Saturday, the worst-case scenario is that the site is slower than normal but not brought to its knees," he said.

Security experts will be holding their breath and waiting for the preprogrammed attacks to start, but those infected by Blaster must now cope with the daunting task of cleaning up affected systems.

The number of infected machines at the University of Florida is still a small fraction of the campus's 20,000 or 30,000 hosts, but cleanup may take a while, especially in departments that are short of IT administrators and that lack software for managing updates across multiple systems, Wiens said.

Because other more subtle attacks using the RPC vulnerability have been circulating for weeks, owners of machines infected by Blaster may also consider doing a fresh installation of the operating system to overwrite any backdoor programs or other malicious code placed on the machine by hackers, Ullrich said.

Blaster's code is small and can be quickly removed using free tools provided by F-Secure as well as other antivirus vendors, Hypponen said. However, customers should patch their systems before removing Blaster to prevent reinfection from the worm, he said.

Security experts also recommend installing firewall and antivirus software to prevent future attacks.
__________________
bono_man2002 is offline  
Old 08-13-2003, 09:42 AM   #24
Blue Crack Distributor
 
LarryMullen's POPAngel's Avatar
 
Join Date: Jun 2001
Location: I'll be up with the sun, I'm not coming down...
Posts: 53,698
Local Time: 08:38 PM
Last night everything seemed to be back in working order.

*crosses everything
__________________
LarryMullen's POPAngel is offline  
Old 08-14-2003, 04:12 PM   #25
New Yorker
 
bonocrazy88's Avatar
 
Join Date: Apr 2003
Location: WV and VA, USA
Posts: 2,742
Local Time: 08:38 PM
Windows Worm!

I didn't know which forum to post this in, but my home computer has that Windows Blaster Worm that is worldwide. It is terribly annoying, because every six minutes, a message pops up on the screen that says the computer will shut down in 1:00, 0:59, 0:58, and etc... When it gets to 0:00, the computer shuts down. I am an internet addict, so this is killing me, since it only happens when I get on the internet.

Does anyone else have this? If so, go to www.windows.com to fix it.
__________________
bonocrazy88 is offline  
Old 08-14-2003, 05:36 PM   #26
ONE
love, blood, life
 
HelloAngel's Avatar
 
Join Date: Sep 2001
Location: new york city
Posts: 14,534
Local Time: 09:38 PM
HI there! Check out:
http://forum.interference.com/t80582.html
__________________
HelloAngel is offline  
Old 08-14-2003, 05:36 PM   #27
Sizzlin' Sicilian
Forum Administrator
 
Sicy's Avatar
 
Join Date: Jan 2001
Location: Bay Area, CA
Posts: 69,297
Local Time: 05:38 PM
This is being discussed in Lemonade Stand so I will move this there and merge it with the other threads.
__________________
Sicy is offline  
Old 08-14-2003, 05:49 PM   #28
Blue Crack Addict
 
nbcrusader's Avatar
 
Join Date: Aug 2002
Location: Southern California
Posts: 22,071
Local Time: 05:38 PM
Quote:
Originally posted by KhanadaRhodes
times like this i'm glad i have windows update run every time there's a critical update. so 99% of the time i hear about things like this, i've installed the patch weeks ago.

auto updates
__________________
nbcrusader is offline  
Old 08-14-2003, 06:09 PM   #29
pax
ONE
love, blood, life
 
pax's Avatar
 
Join Date: Nov 2001
Location: Ewen's new American home
Posts: 11,412
Local Time: 09:38 PM
There is some evidence that this ing worm might have helped to cause the power outage.

I hope that stupid virus writer is happy.
__________________
and you hunger for the time
time to heal, desire, time


Join Amnesty.
pax is offline  
Old 08-14-2003, 06:22 PM   #30
ONE
love, blood, life
 
FizzingWhizzbees's Avatar
 
Join Date: Dec 2001
Location: the choirgirl hotel
Posts: 12,614
Local Time: 01:38 AM
Quote:
Originally posted by paxetaurora
There is some evidence that this ing worm might have helped to cause the power outage.

I hope that stupid virus writer is happy.
They probably are...it's something to show off about to other idiotic hackers/virus writers/other stupid people.

Bunch of s.
__________________

__________________
FizzingWhizzbees is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -5. The time now is 08:38 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Design, images and all things inclusive copyright © Interference.com