Slashdot Mirror


Win32 Blaster Worm is on the Rise

EvilNight writes "You know you've got it when a 60 second shutdown timer pops up on your screen. The virus uses the RPC vulnerability. It looks like it's reaching critical mass today. Luckily, it's an easy one to stop: Download this security update. Once you've installed that patch, go here and download the removal tool." Update: 08/12 19:19 GMT by M : Security bulletin URL corrected.

33 of 1,251 comments (clear)

  1. Wrong link by JPelzer · · Score: 5, Funny

    Shouldn't the "Removal Tool" link point to a Linux ISO download site or something? I mean, this is slashdot... :-)

  2. The Rise by mao+che+minh · · Score: 5, Funny
    DOOM-DOOM-DOOM-DOOM DOOM *PANG*
    DOOM-DOOM-DOOM-DOOM DOOM * PANG*

    At 10:06 AM, August 12th, 2003, Skynet launched dah Win32 Blaster Wahm. It quickly seized contrahl of ahh computers on the Net and forced a mahndatory reboot.

    OK this is getting old.....

  3. Re:shutdown /a by Pionar · · Score: 3, Funny

    >Why he hadn't fixed it already is a mystery, especially since slashdot.org is his homepage.

    You actually believe that reading /. makes you smart? Apparently, you never read comments below 5.

  4. Virus by Anonymous Coward · · Score: 5, Funny

    If this thing wouldn't keep crashing computers, it would be spreading like greased wildfire.

  5. Re:shutdown /a by whiteranger99x · · Score: 3, Funny

    Apparently, you never read comments below 5.

    In some cases even THAT doesn't mean you'll see smart comments

    (hell, look at MY 5 point comments sometime lol ;)

    --
    Join the TWIT army now!
  6. Re:Much better removal tool.. by Anonymous Coward · · Score: 3, Funny

    I tried that and nothing happened ??

    Microsoft(R) Windows DOS
    (C)Copyright Microsoft Corp 1990-2001.

    C:\>fdisk
    'FDISK' is not recognized as an internal or external command,
    operable program or batch file.

    C:\>format
    Required parameter missing -

    C:\>install FreeBSD

    C:\>WTF !!!

  7. This thing hit our customers yesterday... by Snarfangel · · Score: 5, Funny

    I work at an ISP, and over half of our tech support calls yesterday were because of this worm. You wouldn't believe the number of people who thought we were somehow going into their computer and not only kicking them off the internet, but rebooting their computers. (Yes, sir, the tech support staff feels horribly underworked today, so we thought we'd make things more exciting and pi** off a few customers in the process.) I hope they find the person involved and perform medical experiments on him.

    --
    This tagline is copyrighted material. Please send $10 for an affordable replacement.
  8. Just seen an ATM affected... by mccalli · · Score: 5, Funny
    Seriously. If you fancy a laugh, and you're working in the City of London, then go to the Halifax ATM between Canon Street and Poultry.

    Then try, really, really hard to stop laughing...

    Cheers,
    Ian

  9. Virus, not starring Jamie Lee Curtis. by Channard · · Score: 3, Funny

    Man, it's almost as bad as that Teddy Bear virus *cough*

  10. Re:Windows Update slashdotted? by javatips · · Score: 4, Funny

    or maybe the machine reboots every 60s

  11. Re:Good timing... by irc.goatse.cx+troll · · Score: 4, Funny

    Something similer happened to me yesterday. A friend of mine immed me saying his computer kept saying it had 60 seconds to reboot, and something about rpc crashing. So I responded with a screenshot of dir c:\ running on his machine.
    Moral of the story: I'm an asshole.
    (For the record, I then told him where to get the patch, and how to cancle a running shutdown.)

    --
    Pain lasts, kid. Its how you know you're alive. Sometimes I think this growing up thing is just pain management-TheMaxx
  12. I might not be speaking for everyone, but I say: by burgburgburg · · Score: 5, Funny

    I welcome our new Skynet Overlords.

  13. Re:A sure fire method to solve this RPC exploit by caluml · · Score: 3, Funny
    I paddle my wife, but she still insists on using Windoze.

    Threaten to not paddle her - that might make her change.
    (She might be darker than you think!)

  14. Re:60 second timer by razberry636 · · Score: 4, Funny
    Of course, if you're getting hammered this isn't going to help much.

    A nasty work is quickly spreading across the internet forcing about 90 percent of the connected computers to become inoperable. Thousands of phones are ringing at IT desks all over the world. On the other ends of those phones are screaming, panicky users crying because their computers won't work. Management is calling because now you're the bottleneck causing inefficiency in the team, and you might need to start looking for a new job if this isn't taken care of. And then you trip over a network cable.

    I think getting hammered is the best thing to do right now.

  15. Re:Echoes by fishbert42 · · Score: 5, Funny

    'You'd think every hotmail account would get a message saying "Plug that hole" from whoever it is that runs hotmail.'

    Actually, in my hotmail spam repository account I already do get tons of messages saying things like that. But, I don't think they're talking about computer security. =)

  16. Re:shutdown /a by MmmmJoel · · Score: 3, Funny
    "Thought it was just Windows XP being retarded"

    It is Windows XP being retarded. Don't second-guess yourself!

  17. Re:shutdown /a by ChiefArcher · · Score: 5, Funny

    Supposively, if they don't fix it by this weekend, all the infected boxes are going to attack microsoft's website all at once.

    So in my opinion.... Don't patch it :)

    ChiefArcher

  18. Re:There are several reasons... by Surreal_Streaker · · Score: 4, Funny
    How many of those Linux holes where in the core operating system (IE, kernel + GNU tools)?

    IE is not a core part of the core Linux operating system no matter what you've heard.

  19. Re:shutdown /a by Zak3056 · · Score: 3, Funny

    You actually believe that reading /. makes you smart?

    Yeah, what do you think this is, a Holiday Inn Express or something?

    --
    What part of "shall not be infringed" is so hard to understand?
  20. Re:shutdown /a by RoLi · · Score: 5, Funny
    I mean that's how you're supposed to setup any operating system. No net connection until you've got all the necessary patches installed and firewalls set up.

    Exactly! It's pretty easy, actually:

    • Unplug Internet connection
    • Download patches from the Internet
    • Set up firewall
    • Plug in Internet connection

    If that doesn't work, just send an email to support@microsoft.com

  21. Re:shutdown /a by Anonymous Coward · · Score: 4, Funny

    your_girlfriend.exe

  22. Re:Sad really by RoLi · · Score: 4, Funny
    Check daily for patches on your software, patch it, reboot, get back to work.

    Too bad that this "check daily, patch, reboot" procedures never get mentioned in any MS-paid TCO-analysis.

  23. Re:Honest question by wfrp01 · · Score: 4, Funny

    What's a port?
    Do I have any?
    How can I check?


    A place where ships are safe from storms. See also 'port of entry'.
    You have an output port on your behind.
    Do yoga.

    --

    --Lawrence Lessig for Congress!
  24. Famous last words by dtfinch · · Score: 3, Funny

    From the Microsoft security bulletin on the vulnerability:

    "This vulnerability only permits a denial of service attack and does not provide an attacker with the ability to modify or retrieve data on the remote machine."

  25. Re:shutdown /a by Geek+of+Tech · · Score: 5, Funny
    That almost makes me want to infect my box. Oh well.

    --
    Stop the Slashdot effect! Don't read the articles!
  26. Re:Honest answer by allism · · Score: 3, Funny

    Monitoring slashdot...I need to remember that phrase if I ever get reprimanded for excessive internet activity...

    seriously, though, I, for one, thank you on the behalf of all us little peon users for testing before patching. I swear, the next time the sysadmin comes around an installs something on my computer that means I have to spend hours fixing my computer before I can do any more of my real work, I'm gonna kick him in the shins...

  27. Re:shutdown /a by rworne · · Score: 4, Funny
    (Score:2, Insightful) for a post recommending you download patches with your network cable unplugged. Wow, Slashdot is a haven for those with technical know-how, isn't it.

    Perhaps he was meaning to suggest using a wireless access point. That way there is no physical medium for the virus to travel over.
    --
    I tried every decent and legal way I could think of to resolve the issue w/the business before I rented the chicken suit
  28. Re:shutdown /a by Anonymous Coward · · Score: 3, Funny

    Unless the virus becomes airborne, in which case I'm covering my box with surgical masks and insulating blankets.

    Looks like my computer is suffering from a high fever now. I'll give it plenty of fluids and some bedrest.

  29. Re:Gimme A Chance!! by dirtydiaper · · Score: 4, Funny

    Don't worry I know your problem.. You put the wrong boot disk in.. The one you want is the CD that says LINUX not Microsoft Windows XP. If that doesnt work.. Open up you case and find the worm.. They are a brownish colour some are a couple inches long.. good luck!

  30. Re:shutdown /a by Nucleon500 · · Score: 5, Funny

    Does the worm work with Wine?

  31. Re:shutdown /a by inKubus · · Score: 5, Funny

    Sorry to whore this out here, but has anyone actually looked at the patch? I mean, this affects a rather important part of the Windows operating system. RPC is used for interprocess communication, named pipes, etc. Couldn't the CIA or something put a bug in it that will forward everything you cut and paste, type, send, etc. to some other entity? And what better way to get the masses to install it than a little worm to exploit a hole they purposely left open?

    Furthermore, Microsoft paid out $520M only yesterday due to patent infringement with a component in MSIE.

    I mean, I'm all patched up, so I know I'm safe but.. oh shit.. the shutdown timer just popped up! Microsoft must be reading what I'm typing. If only I can do this thing quick enough. OH FUCK I have to wait 20 seconds from the time I hit the reply button til when I press submit and it's getting down near 1 nowwwww

    --
    Cool! Amazing Toys.
  32. Understanding Win2K Security Rating (mildly OT) by Embedded+Geek · · Score: 3, Funny
    Jonathan Shapiro of the Johns Hopkins University Information Security Institute recently posted a commentary on the fact that Windows 2000 (with service pack 3) has been assigned a Common Criteria certification Evaluation Assurance Level (EAL) level of 4. In response to the question "What does this mean?", he replies:

    Security experts have been saying for years that the security of the Windows family of products is hopelessly inadequate. Now there is a rigorous government certification confirming this.

    (Originally taken from rec.humor.funny).

    --

    "Prepare for the worst - hope for the best."

  33. Re:shutdown /a by 1davo · · Score: 3, Funny
    In a knee-jerk reaction, I quickly downloaded the patch from Redmond and fired it up...

    Once I saw the messages saying "Pardon me while I inspect your system...

    Then some dialog box popped up with some message about third party blah blah blah.

    I came to my senses. Wait just a darn minute. I have not seen the effects of this worm/virus.

    So I killed the process. Bring on the RPC crap - it has to be alot better than Bill drilling any deeper into my vanilla laptop used only for browsing the web.

    Whew - dodged another one...

    Windows & security - the double bind theory of computing.