September 2003
New Msblast virus possible from Windows vulnerability
The source code for the second RPC critical flaw has been published on the web
BitDefender, an award-winning provider of security software and services, announce today that the source code for the second RPC critical flaw - the first one being responsible for Msblast virus creation - has been published on the web. The compiled version of the code is detected by BitDefender Antivirus products as Exploit.DCOM-RPC.A.
The history repeats itself, as the second version of the exploit was now published on the same Chinese website as the first one. BitDefender researchers reiterate that the source code of the first RPC critical flaw was used by virus writers to build the first version of Msblast - the most spread Internet worm of all times.
"We assess that the time until a new speculation of this new critical flaw will be spreading is not far", Mihai Neagu, Virus Researcher at BitDefender Lab estimates. "As far as we can see, there is a trend in computer virus writing, to take advantage of the new but verified flaws in most used software in order to wreak havoc in a large mass of computers", Mihai concluded.
In the particular circumstances entailed by the last Msblast outbreak, BitDefender experts have developed a specific feature in their antivirus scanning engines, to detect any attempt to use the Microsoft Windows DCOM-RPC vulnerability for system intrusion, successfully identifying any possible virus replication. Therefore, a virus created by using any of the two RPC flaws will be detected and reported promptly by the BitDefender Antivirus products.
All Windows users are urged to patch their systems from the following addresses, depending on their operating system:
Windows 2000:
ftp://eresources.mcg.edu/pub/Download/MS03-039/Windows%202000/Windows2000-KB824146-x86-ENU.exe
Windows XP:
ftp://eresources.mcg.edu/pub/Download/MS03-039/Windows%20XP/WindowsXP-KB824146-x86-ENU.exe
Windows NT 4 Workstation:
ftp://eresources.mcg.edu/pub/Download/MS03-039/Windows%20NT%20Workstation%204.0/WindowsNT4Workstation-KB824146-x86-ENU.EXE
Windows NT 4 Server:
ftp://eresources.mcg.edu/pub/Download/MS03-039/Windows%20NT%20Server%204.0/WindowsNT4Server-KB824146-x86-ENU.EXE
Windows 2003 Server:
http://www.microsoft.com/downloads/details.aspx?FamilyId=51184D09-4F7E-4F7B-87A4-C208E9BA4787&displaylang=en
For a permanent protection, BitDefender Antivirus commercial solutions are available for sale on the Internet or at local distributors and start from USD 29.95.
About Bitdefender®
Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified internet security software. The company is an industry pioneer, introducing and developing award-winning protection since 2001. Today, Bitdefender technology secures the digital experience of around 400 million home and corporate users across the globe.
Recently, Bitdefender won a series of important awards and accolades in the global security industry, including "Product of the Year" by AV-Comparatives, "Best Repair 2012" by AV-Test, "Editor's Choice" and "The Best Antivirus for 2013" by PC Mag, that confirmed the antivirus software’s leadership status among security products.
More information about Bitdefender's products is available from the company's security press room. Additionally, Bitdefender publishes the HOTforSecurity blog, where readers can find stories from the underworld of internet fraud, scams, malicious software - and gossip.