Slashdot Mirror

← Back to Stories (view on slashdot.org)

RPC DCOM Cleanup Worm Appears

Posted by simoniker on from the someone-with-twisted-sense-of-humor dept.

UnderAttack writes "This morning, the SANS Internet Storm Center posted a note about an increase in ICMP traffic, including a quick initial analysis. As it turns out, yet another worm, this time the W32/Nachi.worm, is going around taking advantage of the RPC DCOM vulnerability. The twist this time: the worm will actually clean up machines. It tries to download the correct patches from Windows Update and remove the Blaster worm."

4 of 758 comments (clear)

  1. Re:Helping lazy admins by cesarcardoso · · Score: 0, Flamebait

    Wow, a worm to do the work that the sysadmin should have done in the first place. That'll encourage those lazy sysadmins to just sit back and continue to do nothing.

    Even better: who needs sysadmins now that the worms can do the job cheaper? :-)

    --
    Cesar Cardoso can be found at cesar at zyakannazio dot eti dot br (or at least I believe so)
  2. Re:This could go on for a while... by tinypillar · · Score: 0, Flamebait

    Is that like a cock block-block (or the anti cock block)?

  3. Re:that's cute by Anonymous Coward · · Score: 0, Flamebait

    Right, asshole, because we've never seen a day go by without a root exploit listed on the SANS security bulletin. Try again, moron.
    Security is a process, not an operating system. So long as there is human at the helm, it will be flawed.

  4. Re:Coolness.... by Anonymous Coward · · Score: 0, Flamebait

    Yeah well fucking suck shit for being too inept to be patched ahead of time, you useless bastard. You got exactly what you deserved. If your company IS shut down tomorrow, I reckon it'll be safe to say it was due to incapable IT staff, not a worm. Jerkoff.