Microsoft advises users ahead of giant worm attack

15 Aug 2003

Microsoft has commenced an information campaign warning computer users, particularly home users and small businesses, to take steps to guard against the effects of the MSBlast worm, which tomorrow will seize all affected machines to launch a denial of service (DOS) attack on a Microsoft website.

The company has played down the damage caused to individual machines by the virus, which so far is understood to have infected more than 188,000 machines and swamped net connections with traffic as it looks for fresh hosts to infect. At its height the virus was taking only 30 seconds to find uninfected computers.

“While there is no known permanent damage caused by this worm, some customers are experiencing frequent system failures, slower than normal computer speeds or error messages,” Microsoft stated last night.

Dubbed LoveSan, Blaster or MSBlaster, the worm exploits a vulnerability in the Distributed Component Object service that is hosted by a Remote Procedure Call feature in Windows NT, 2000, XP and Server 2003. Once it gets onto a vulnerable computer, the program downloads code from a previously infected machine that enables it to propagate itself and scans the internet for other vulnerable machines and attacks them.

On 16 July, Microsoft issued a statement warning Windows users of the vulnerability and issued a patch that could be downloaded for free from its website.

“However,” warned Microsoft Ireland country manager Joe Macri, “customers most likely to download the patch are companies with a service level agreement or contract and not your average home user. We would advise people to be vigilant and proactive. They should go to the Windows Update service and dowload patches as they become available.

“Most of the impact of the virus will be in the home space. The first thing we would recommend users to do is go to and download the patch. Also, if they are using anti-virus software, they should keep it up to date at all times. The patch on the website can be downloaded and installed within two to three minutes.”

Macri continued: “This virus is not as malicious as previous virus attacks, but we are taking it very seriously and regard it as a criminal activity. On this note we are working closely with the FBI in the US to identify and catch the culprit.”

The patch to resolve the danger of the virus can be downloaded at the link below.

By John Kennedy