RE: New variant. Blast.b

From: Glenn Pearl (glennp_at_datasync.com)
Date: 08/14/03

  • Next message: Tim Mektrakarn: "DCOM patch + Exchange"
    To: <focus-ms@securityfocus.com>
    Date: Thu, 14 Aug 2003 12:13:56 -0500
    
    

    The majority of my support calls regarding this worm have been from home
    users.

    So I have a question:
    Consider a home user with a single system who is Internet connected, but
    not doing any sort of Microsoft-based networking at all. Would not
    unbinding the Client for Microsoft Networks from TCP/IP in the network
    connection properties (NIC or dialup, makes no difference) completely
    prevent an attack from this worm or any of its variants?

    Regards,
    Glenn Pearl

    > -----Original Message-----
    > From: Thomas F. Szabo [mailto:tszabo@diamondtech.net]
    > Sent: Wednesday, August 13, 2003 4:01 PM
    > To: Kim, Cameron; focus-ms@securityfocus.com
    > Subject: RE: New variant. Blast.b
    >
    > Haven't seen this yet, but what I can add is that this is ripping
    > through home users right now. If someone releases a variant that
    > becomes more malicious than the variants currently in the wild we may
    > see some serious problems. I urge everyone to try and get friends,
    > family, etc., to patch their systems. All I keep hearing from people
    is
    > "you mean I can just get it? I don't have to open an email to get it?"
    >
    >
    > Tom Szabo
    >
    > -----Original Message-----
    > From: Kim, Cameron [mailto:CKim@mdea.com]
    > Sent: Wednesday, August 13, 2003 12:20 PM
    > To: focus-ms@securityfocus.com
    > Subject: New variant. Blast.b
    >
    > http://www.sarc.com/avcenter/venc/data/w32.blaster.b.worm.html
    >
    > Any Thoughts? Anyone see this one in their environment?
    >
    > Cameron Kim
    > Mitsubishi Digital Electronics America
    >
    >
    >
    ------------------------------------------------------------------------
    > ---
    > Your network firewall and IDS products do not prevent Web application
    > attacks - the most common form of online exploitation- resulting in
    Web
    > defacement, data theft, sabotage and fraud.
    > KaVaDo is the only company that provides a complete suite of Web
    > application security products.
    > Download a FREE whitepaper on "Security Policy Automation for Web
    > Applications":http://www.securityfocus.com/Kavado-focus-ms
    >
    ------------------------------------------------------------------------
    > ---
    >
    >
    >
    ------------------------------------------------------------------------

    ---
    > Your network firewall and IDS products do not prevent Web application
    > attacks - the most common form of online exploitation- resulting in
    Web
    > defacement, data theft, sabotage and fraud.
    > KaVaDo is the only company that provides a complete suite of Web
    > application security products.
    > Download a FREE whitepaper on "Security Policy Automation for Web
    > Applications":http://www.securityfocus.com/Kavado-focus-ms
    >
    ------------------------------------------------------------------------
    ---
    ---------------------------------------------------------------------------
    Your network firewall and IDS products do not prevent Web application 
    attacks - the most common form of online exploitation- resulting in Web 
    defacement, data theft, sabotage and fraud.
    KaVaDo is the only company that provides a complete suite of Web 
    application security products.
    Download a FREE whitepaper on "Security Policy Automation for Web
    Applications":http://www.securityfocus.com/Kavado-focus-ms
    ---------------------------------------------------------------------------
    

  • Next message: Tim Mektrakarn: "DCOM patch + Exchange"

    Relevant Pages

    • RE: New variant. Blast.b
      ... Subject: New variant. ... > Your network firewall and IDS products do not prevent Web ... > Download a FREE whitepaper on "Security Policy Automation for Web ...
      (Focus-Microsoft)
    • RE: What the heck is this msblast.exe
      ... |Your network firewall and IDS products do not prevent Web application ... |attacks - the most common form of online exploitation- resulting in Web ... |Download a FREE whitepaper on "Security Policy Automation for Web ...
      (Focus-Microsoft)
    • RE: What the heck is this msblast.exe
      ... |Your network firewall and IDS products do not prevent Web application ... |attacks - the most common form of online exploitation- resulting in Web ... |Download a FREE whitepaper on "Security Policy Automation for Web ...
      (Focus-Microsoft)
    • New variant. Blast.b
      ... Your network firewall and IDS products do not prevent Web application ... attacks - the most common form of online exploitation- resulting in Web ... Download a FREE whitepaper on "Security Policy Automation for Web ...
      (Focus-Microsoft)
    • RE: What the heck is this msblast.exe
      ... What the heck is this msblast.exe ... |Your network firewall and IDS products do not prevent Web application ... |attacks - the most common form of online exploitation- resulting in Web ... |Download a FREE whitepaper on "Security Policy Automation for Web ...
      (Focus-Microsoft)