OT - Ding Dong, the Wicked Worm is dead... - Page 2

Arkcon · #11 August 12th, 2003, 05:06 PM

Heads up ...

Cert {link}

Long story short, get the patch before August 15th, the worm will launch a Denial Of Service attack against the Windows update webpage after that date.

Nice.

Gryphin · #12 August 12th, 2003, 05:14 PM

Is this the same virus that would be affecting
Copy / Paste and Linking on our Win2k systems?

tesco samoa · #13 August 12th, 2003, 05:49 PM

I suggest that you read the info on the virus and apply the patches and update your virus/os patches etc...

If your lucky that is all you will have to do.

But you must follow the instructions exactly.

Then you should look at automaticly updating your virus software daily and automaticly updating your windows software.

I know it is not very proactive. But at least you will be doing something.

Rebuild is a Last resort.

I am recommending you to follow this approach. This is the current approach I use at work.

Suicide Junkie · #14 August 12th, 2003, 07:08 PM

Quote:

Originally posted by General Woundwort:
I'm probably going to be getting a new system anyways...

if only because the current system (the infected one) does NOT have a CD-RW - just a stinking 100MB zipdrive.

At least I can salvage the text and image files for SEIV, and my school work...

CD-RW drives are actually quite cheap these days. $40-$60 is all you should spend on one.

BTW, unless your computer is very old, its probably not worth getting a new one.
500Mhz is overkill for any everyday task, and meets the requirements for Starfury.

Microsoft dosen't need your money for a new tweak of windows.

Harddrives are dirt cheap ($1 per gigabyte) and easy to add. Memory and CD drives too.

[ August 12, 2003, 18:09: Message edited by: Suicide Junkie ]

Captain Kwok · #15 August 13th, 2003, 01:21 AM

We had this at my work yesterday - it only infected computers with XP as the OS!

General Woundwort · #16 August 13th, 2003, 01:25 AM

So if I download this patch, will it reverse the damage? I want to be able to play PBW when it comes back Online!!!

tesco samoa · #17 August 13th, 2003, 01:27 AM

you should ... as it will clean the system.

moral.

do not open attachments unless you know exactly what they are

tesco samoa · #18 August 13th, 2003, 01:29 AM

at least i know what all the 'tech managers' will be going on about at work today.

Can we say firedrill.

We automatically update all the windows software every day.

But they will still want us to go out and verify.

Why because they do not understand computers and the computer industy. But for some strange reason they manage it.

General Woundwort · #19 August 13th, 2003, 12:36 PM

Well, I think it's quite obvious by now what happened. I got the BLaster worm.

I've downloaded the patches and such onto a zipdisc at work, and I'm going to begin treating the patient this evening. WAL, I'll be back up and running by tonight.

Thanks to all who replied.

I may get a new computer anyways, but if I can lick this thing I'll probably settle for an external CD-RW (I desperately need some real backup power - this much has become obvious).

Richard · #20 August 13th, 2003, 06:17 PM

Yes that will fix this known issue, but I always advise my clients to rebuild. Why? Because almost every worm has other payloads attached to it that people don't find out for quite a bit later. Plus there are usually other exploits that sneak in the exploited system that are also not picked up until later.

It's up to you, but in my experience once a box is infected it's best to start over to be sure.

Just my 2 cents worth, from doing security consulting for some time now.