PowerMacG5
Diamond Member
Ripped from Slashdot:
"UnderAttack writes "This morning, the SANS Internet Storm Center posted a note about an increase in ICMP traffic, including a quick initial analysis. As it turns out, yet another worm, this time the W32/Nachi.worm, is going around taking advantage of the RPC DCOM vulnerability. The twist this time: the worm will actually clean up machines. It tries to download the correct patches from Windows Update and remove the Blaster worm." "
Pretty interesting. Someone created a worm that exploits the same thing as LovSan/Blaster, but this time removes the virus, and downloads the patch. Pretty cool. I wonder who wrote this, someone at Microsoft, or some noble virus writer that felt bad. Whoever it was, this is the best use of a security vulnerability. Use the vulnerability to fix itself.
Symantec link
"UnderAttack writes "This morning, the SANS Internet Storm Center posted a note about an increase in ICMP traffic, including a quick initial analysis. As it turns out, yet another worm, this time the W32/Nachi.worm, is going around taking advantage of the RPC DCOM vulnerability. The twist this time: the worm will actually clean up machines. It tries to download the correct patches from Windows Update and remove the Blaster worm." "
Pretty interesting. Someone created a worm that exploits the same thing as LovSan/Blaster, but this time removes the virus, and downloads the patch. Pretty cool. I wonder who wrote this, someone at Microsoft, or some noble virus writer that felt bad. Whoever it was, this is the best use of a security vulnerability. Use the vulnerability to fix itself.
Symantec link