PSS Critical Security Alert – New Worm: Nachi, Blaster-D, Welschia

PSS Security Response Team Alert – New Worm: Nachi, Blaster-D, Welchia

SEVERITY: CRITICAL
DATE: 08/18/2003
PRODUCTS AFFECTED: Windows 2000 and XP, Internet Information Services 5.0

************************************************** ********************

WHAT IS IT?
A new worm is spreading in the wild. The Microsoft Product Support Services
Security Team is issuing this alert to advise customers to be on the alert
for this virus as it spreads in the wild. Customers are advised to review
the information and take the appropriate action for their environments.

IMPACT OF ATTACK: Network Propagation, Patch Installation

TECHNICAL DETAILS:
Similar to the earlier Blaster worm and its variants, this worm also
exploits the vulnerability patched by Microsoft Security Bulletin MS03-026,
and instructs target systems to download its copy from the affected system
using the TFTP program.

In addition to exploiting the RPC vulnerability patched by Microsoft
Security Bulletin MS03-026 this worm also uses a previously patched
vulnerability in Microsoft Security Bulletin MS03-007 directed at IIS 5.0.

http://www.mombu.com/microsoft/scripting-virus-discussion/t-pss-critical-security-alert-new-worm-nachi-blaster-d-welschia-11328463-new.html

 

Leave a Reply