IMPORTANT SECURITY ANNOUNCEMENT - for Windows Users re: Blaster Worm

From: ELLISTER Mark K (Mark.ELLISTER_at_RIS.LANE.OR.US)
Date: 08/16/03

Next message: Jason Gersekowski: "Software Updates Services no longer working"

Previous message: Gavin Haslett: "More info about MS03-026"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Sat, 16 Aug 2003 11:26:11 -0700
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Did anyone else get the forwarded e-mail below .. And did anyone else find
it amusing that the link to verify the validity of the e-mail redirects to
an SSL secured site which has an invalid cert. ( certificate name does not
match the site address ) heh. ( at least as of 11:18PM-PST the site has a
bad cert as follows )

I applaud Microsoft's attempt to use something other than PGP, and they have
been making good efforts of adding PKI and X.509 functionality to their
Windows products, however they don't appear to understand how to use it yet
<EG>.

Cert as it was displayed to me for
https://www.microsoft.com/security/incident/verify.asp

Cheers,

Mark Ellister
Regional Information System
125 E 8th Ave
Eugene, OR 97401
(541)682-4512
mark.ellister@ris.lane.or.us
-----Original Message-----
From: Microsoft
[mailto:0_51187_EE695C32-7522-4D54-AB10-B915B52B51EE_US@Newsletters.Microsof
t.com]
Sent: Saturday, August 16, 2003 9:54 AM
To: mark.ellister@ris.lane.or.us

This e-mail message is being sent to you by Microsoft Corporation. To verify
the authenticity of this e-mail message, please visit:
http://go.microsoft.com/?linkid=222103

Dear Microsoft Customer,

On August 11, 2003, Microsoft began investigating a report of a worm, known
as W32.Blaster.Worm, that exploits the vulnerability addressed by Microsoft
Security Bulletin MS03-026. Microsoft released this critical security
bulletin and corresponding patch for Windows operating systems on July 16,
2003. While some customers may not notice the presence of the worm infection
at all on their computer systems, typical symptoms may include Windows XP
and Windows Server 2003 systems rebooting every few minutes without user
input or Windows NT4 and Windows 2000 systems becoming unresponsive.

If you applied security patch MS03-026 prior to the discovery of the Blaster
worm, your system is secure from the vulnerability that W32.Blaster is
using. For the most current information on determining if your systems are
infected and how to recover from the infection, please go to the following
Web site and perform the prescribed steps:
http://go.microsoft.com/?linkid=222104. This site will be updated as more
information regarding the W32.blaster worm becomes available.

Our goal is to provide you with the information and tools you need to help
run your company safely and reliably. When we become aware of these types of
vulnerabilities, it is our goal to share protection and remediation
information with you as quickly as is possible. In order to help protect
your computing environment from security vulnerabilities, we encourage you
to use the Windows Update service by going to
http://go.microsoft.com/?linkid=222105 and also subscribe to Microsoft's
security notification service at http://go.microsoft.com/?linkid=222106. By
using these two services you will automatically receive information on the
latest software updates and the latest security notifications, thereby
improving the likelihood that your computing environment will be safe from
the worms and viruses that occur.

Thank you,

Microsoft Corporation

For information about Microsoft's privacy policies, please go to
http://go.microsoft.com/?linkid=222102

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!

With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available. And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to

http://www.trusecure.com/offer/s0100/

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

Next message: Jason Gersekowski: "Software Updates Services no longer working"

Previous message: Gavin Haslett: "More info about MS03-026"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Conficker Worm.......read this if needed
... I subscribe to a Windows Secrets newsletter that I receive via email. ... Computers infected with the infamous Conficker worm will start ... the nonprofit security group SRI ...
(rec.music.artists.springsteen)
Safeguard Your PC Against the Downadup Worm
... Safeguard Your PC Against the Downadup Worm ... How to protect your PC from the biggest worm in years. ... Security experts say it's the biggest worm attack in years, ... Windows that Microsoft Corp. patched nearly four months ago. ...
(alt.comp.anti-virus)
Re: Experts are warning that hackers have yet to activate the payload of the Conficker virus.
... The worm is spreading through low security networks, memory sticks, ... exploits a vulnerability in the Windows Server service ... While Microsoft addressed this issue in October ...
(microsoft.public.security)
System Shutdown error message every time I boot
... proper security measures and updates on your system. ... Then immediately turn-on Windows XP's built-in Firewall: ... What You Should Know About the Blaster Worm and Its ...
(microsoft.public.windowsxp.perform_maintain)
Re: Group policy setting to restrict user access to change registry
... C2 is a certification - ... Windows can only be fully secured if its utility is ... and C2 is already a pretty high level of security that is ... secure Windows fully, and while you may be the fellow who has found ...
(alt.computer.security)