The patch that was issued in JULY can be found here:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/bulletin/MS03-026.asp
SARC has come up with a fix here:
http://securityresponse.symantec.com/avcenter/FixBlast.exe
----- Original Message -----
From: "Fréderic Kinnaer" <Frederic (at) SuperChat (dot) be [email concealed]>
To: "Dominick S." <dsardina (at) si.rr (dot) com [email concealed]>
Sent: Tuesday, August 12, 2003 9:50 AM
Subject: Re: DCOM worm is out
> Where is this patch ??
>
> ----- Original Message -----
> From: "Dominick S." <dsardina (at) si.rr (dot) com [email concealed]>
> To: "Marc Fossi" <mfossi (at) securityfocus (dot) com [email concealed]>; "Focus-MS"
> <focus-ms (at) securityfocus (dot) com [email concealed]>
> Sent: Tuesday, August 12, 2003 2:48 AM
> Subject: Re: DCOM worm is out
>
>
> > Thankfully I am patched way before today.
> > But some people arent so lucky.
> >
> > I have a friend who just let me know..he is infected and he wrote this.
> >
> > From what I've seen it launches processes with various names:
> > firedamon, dll32, msblast, runserv48, runserv16, runserv, runserv2,
etc.
> >
> > Just a FYI.
> >
> > Stay Safe!
> >
> >
> > DS-
> > http://www.infosecnyc.com
> >
> >
> >
> >
> >
> > ----- Original Message -----
> > From: "Marc Fossi" <mfossi (at) securityfocus (dot) com [email concealed]>
> > To: "Focus-MS" <focus-ms (at) securityfocus (dot) com [email concealed]>
> > Sent: Monday, August 11, 2003 4:32 PM
> > Subject: DCOM worm is out
> >
> >
> > > FYI
> > >
> > > http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html
> > >
> > > Marc Fossi
> > > Symantec Corp.
> > > www.symantec.com
> > >
> >
>
> ------------------------------------------------------------------------
--
> > -
> > > Your network firewall and IDS products do not prevent Web application
> > > attacks - the most common form of online exploitation- resulting in
Web
> > > defacement, data theft, sabotage and fraud.
> > > KaVaDo is the only company that provides a complete suite of Web
> > > application security products.
> > > Download a FREE whitepaper on "Security Policy Automation for Web
> > > Applications":http://www.securityfocus.com/Kavado-focus-ms
> >
>
> ------------------------------------------------------------------------
--
> > -
> > >
> >
> >
>
> ------------------------------------------------------------------------
--
> -
> > Your network firewall and IDS products do not prevent Web application
> > attacks - the most common form of online exploitation- resulting in Web
> > defacement, data theft, sabotage and fraud.
> > KaVaDo is the only company that provides a complete suite of Web
> > application security products.
> > Download a FREE whitepaper on "Security Policy Automation for Web
> > Applications":http://www.securityfocus.com/Kavado-focus-ms
>
> ------------------------------------------------------------------------
--
> -
> >
>
------------------------------------------------------------------------
---
Your network firewall and IDS products do not prevent Web application
attacks - the most common form of online exploitation- resulting in Web
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":http://www.securityfocus.com/Kavado-focus-ms
------------------------------------------------------------------------
---
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur
ity/bulletin/MS03-026.asp
SARC has come up with a fix here:
http://securityresponse.symantec.com/avcenter/FixBlast.exe
Cert Advisory CA-2003-20 W32/Blaster worm here:
http://www.cert.org/advisories/CA-2003-20.html
Regards,
DS-
http://www.infosecnyc.com
----- Original Message -----
From: "Fréderic Kinnaer" <Frederic (at) SuperChat (dot) be [email concealed]>
To: "Dominick S." <dsardina (at) si.rr (dot) com [email concealed]>
Sent: Tuesday, August 12, 2003 9:50 AM
Subject: Re: DCOM worm is out
> Where is this patch ??
>
> ----- Original Message -----
> From: "Dominick S." <dsardina (at) si.rr (dot) com [email concealed]>
> To: "Marc Fossi" <mfossi (at) securityfocus (dot) com [email concealed]>; "Focus-MS"
> <focus-ms (at) securityfocus (dot) com [email concealed]>
> Sent: Tuesday, August 12, 2003 2:48 AM
> Subject: Re: DCOM worm is out
>
>
> > Thankfully I am patched way before today.
> > But some people arent so lucky.
> >
> > I have a friend who just let me know..he is infected and he wrote this.
> >
> > From what I've seen it launches processes with various names:
> > firedamon, dll32, msblast, runserv48, runserv16, runserv, runserv2,
etc.
> >
> > Just a FYI.
> >
> > Stay Safe!
> >
> >
> > DS-
> > http://www.infosecnyc.com
> >
> >
> >
> >
> >
> > ----- Original Message -----
> > From: "Marc Fossi" <mfossi (at) securityfocus (dot) com [email concealed]>
> > To: "Focus-MS" <focus-ms (at) securityfocus (dot) com [email concealed]>
> > Sent: Monday, August 11, 2003 4:32 PM
> > Subject: DCOM worm is out
> >
> >
> > > FYI
> > >
> > > http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html
> > >
> > > Marc Fossi
> > > Symantec Corp.
> > > www.symantec.com
> > >
> >
>
> ------------------------------------------------------------------------
--
> > -
> > > Your network firewall and IDS products do not prevent Web application
> > > attacks - the most common form of online exploitation- resulting in
Web
> > > defacement, data theft, sabotage and fraud.
> > > KaVaDo is the only company that provides a complete suite of Web
> > > application security products.
> > > Download a FREE whitepaper on "Security Policy Automation for Web
> > > Applications":http://www.securityfocus.com/Kavado-focus-ms
> >
>
> ------------------------------------------------------------------------
--
> > -
> > >
> >
> >
>
> ------------------------------------------------------------------------
--
> -
> > Your network firewall and IDS products do not prevent Web application
> > attacks - the most common form of online exploitation- resulting in Web
> > defacement, data theft, sabotage and fraud.
> > KaVaDo is the only company that provides a complete suite of Web
> > application security products.
> > Download a FREE whitepaper on "Security Policy Automation for Web
> > Applications":http://www.securityfocus.com/Kavado-focus-ms
>
> ------------------------------------------------------------------------
--
> -
> >
>
------------------------------------------------------------------------
---
Your network firewall and IDS products do not prevent Web application
attacks - the most common form of online exploitation- resulting in Web
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":http://www.securityfocus.com/Kavado-focus-ms
------------------------------------------------------------------------
---
[ reply ]