Why We Are Issuing This Alert
Similar to the earlier Blaster worm and its variants, this worm exploits the issue that was addressed by Microsoft Security Bulletin MS03-026. It also exploits an issue that was addressed by Microsoft Security Bulletin MS03-007. After it infects a computer, this worm tries to remove any earlier Blaster worm or variant and install the MS03-026 update.
Even though this worm appears to be benevolent because it is trying to update your computer, it is still a worm and is potentially harmful. You should take the same steps to help protect your computer or to remove the worm if it has infected your computer.
How to Help Protect Against This Worm
Use an Internet Firewall
Follow the steps on this page to turn on the built-in Internet Connection Firewall (ICF) in Windows XP:
Or use a third-party firewall to block incoming TCP ports 80, 135, 139, 445 and 593; UDP ports 135, 137, 138.
Update Your Computer
This worm uses the issues that were addressed by two released security bulletins. Be sure to update Windows to eliminate these issues and help protect your computer from attack.
What to Do If You Think Your Computer Is Infected
- If you think your computer is infected, first follow the steps on this page:
- After updating your antivirus software with new virus definitions, scan your computer and follow the instructions for removing this worm. (Going forward, be sure to keep your virus definitions current to avoid infection.)
- If after following these steps you need further technical assistance, contact your antivirus vendor or Microsoft Product Support Services for help removing the worm.
- For Microsoft Product Support Services within the United States and Canada, call toll-free (866) PCSAFETY (727-2338).
- For Microsoft Product Support Services outside the United States and Canada, visit the Product Support Services Web page.
Get More Technical Details
Get additional details on this worm from antivirus software vendors participating in the Microsoft Virus Information Alliance (VIA):
|
|
