RPC DCOM Cleanup Worm Appears

UnderAttack writes "This morning, the SANS Internet Storm Center posted a note about an increase in ICMP traffic, including a quick initial analysis. As it turns out, yet another worm, this time the W32/Nachi.worm, is going around taking advantage of the RPC DCOM vulnerability. The twist this time: the worm will actually clean up machines. It tries to download the correct patches from Windows Update and remove the Blaster worm."

A good start, but...

[veg_all]

Now we just need a worm that reformats the hard drive and installs Debian.

Re:that's cute

[ackthpt]

Now they just need to release a worm that cleans up the blaster virus by formatting the machine and installing linux

Dream on... that would be the ultimate Public Service.

Watch out!

[pair-a-noyd]

You now have a worm that people are being led to believe that is a "trustworthy" worm.

Sure it is. But wait. As it moves around, it will be hijacked and mutated into something bad.
It will pickup a package along the way and drop it in your box, and because you are led to believe that it's a "good" worm you'll welcome it.

This is NOT smart computing. It's not responsible, by any means. If you don't take action of your own accord, you are lazy and stupid and you deserve whatever bad things happen to you because of it.

Fix your own problems or pull the plug. If you can't handle it, you have no business using a computer..

*sigh* (but I have to say it)

[BMonger]

I for one welcome our friendly worm overlords.

(although running OS X I care quite little except that both the good and bad eat up unnecessary bandwidth)

Re:This could go on for a while...

[Dix_sw]

When executed on or past 01-01-2004?
If it's as you say, what if the machine isn't booted on that day? the worm stays, keeps on spreading itself and it's there for good...