Sophos has warned computer users of a new worm spreading across
the internet, which exploits a critical vulnerability in versions
of Microsoft Windows.
The W32/Blaster-A worm (also
known as Lovsan, MSBlaster or Poza) contains a mocking message for
Microsoft's chairman Bill Gates, and attempts to launch a denial of
service attack on a website run by Microsoft for the purpose of
distributing important security patches.
"Blaster attempts to knock Microsoft's windowsupdate.com website
off the internet," explained Graham Cluley, senior technology
consultant for Sophos. "By attempting a denial of service attack on
the windowsupdate.com website, the virus author is deliberately
trying to make it difficult for computer users to download the
patch they need to secure their copies of Windows against the worm.
It's an extremely devious trick by Blaster's author."
The worm contains a message for Microsoft's Bill Gates, which
does not get displayed:
I just want to say LOVE YOU SAN!! billy gates why do you
make this possible ? Stop making money and fix your
software!!
The Blaster worm does not spread via email, but does distribute
itself via the internet looking for vulnerable computers that have
not been patched against a security hole first reported by Microsoft in
mid-July 2003.
"System administrators should note that Blaster doesn't spread
by email - so internet email scanning services will not be able to
detect this worm, and an absence of reports at your email gateway
does not mean you can rest on your laurels," said Graham Cluley.
"Companies should deploy the patch from Microsoft, ensure their
firewall is set up correctly and update the anti-virus on their
desktop and servers."
Sophos advises users of Apple Macintosh and Unix computers that
they are not affected by the Microsoft security vulnerability, and
are not at risk from the worm.
Further advice:How to remove the Blaster
worm.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.