The worm affects Windows 2000 and XP machines that have not patched the Buffer Overrun In Windows RPC Interface.

Unlike most viruses and worms, MSBlast does not use email (and email attachments) as the means for spreading the infection. Instead, using an already infected machine, the worm randomly scans the Internet for unpatched systems. When such a system is found, it is infected and then used as an agent for furthering the infection.

Green Apple has disabled ingress/egress on ports used by MSBlast as recommended by Microsoft which greatly lessen the capability for the worm to enter or leave our network and, thus, affect our users. However, every Windows user is urged to visit Microsoft's Windows Update and install the patch to close the RPC Buffer Overrun flaw. Windows Update is found at
    http://windowsupdate.microsoft.com

If you are infected, besides installing the patch, you will need to remove the worm. Symantec (Norton) has developed a tool for this:
    http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html

Home / Access / Development / Support / Hosting / Local Links / Computers
 Contact Us / Green Apple News / Jobs / Site Map / Link To Us / Policy

Lancaster-Fairfield County Chamber of Commerce, 2000 Small Business of the Year
www.greenapple.com · tel. (740) 653-9890 · toll free. (866) 653-9890
Copyright © 1995 - 2007, Green Apple, Inc.