Hurrah. There’s another Windows worm doing the rounds. When
will people learn that “Microsoft Windows” and “secure” should only
ever appear in the same sentence when accompanied by the
word “not”. This particular bug is the so-called “Blaster” worm and
affects systems running Microsoft Windows XP, Windows 2000, Windows
NT4 and Windows Server 2003.
There’s an easy
listening version of the story at BBC Tech News, although you
may prefer the full technical
advisory report from CERT. There’s also plenty of entertaining
discussion in this
Slashdot article, which includes some comments about the signs
to look out for and how to clean up infected machines.
I’m
slightly cheered to note that some of the mainstream news reports of
this worm refer to it as a “Windows worm”, rather than an “Internet
worm” or something like that, which at least seems to acknowledge
the fact that Windows is particularly vulnerable to this kind of
attack. Perhaps once the Average Computer User begins to realise
the risks, the alternatives may
become more appealing.
Updated 20:25 This worm uses port 135 to propogate and on
examining my firewall logs, there were 92 attempted connections to
my system on Sunday 10 August from 10 distinct remote systems, 105
attempted connections from 23 distinct systems yesterday and over
500 attempted connections from over 200 distinct systems so far
today and still rising fast … Mmmm, nice firewall.