| |||
|
|
||
|
|||
| |
|
Home > Security News > Experts recommend Blaster fix |
| |
|
|
|
|
| Security News: |
|
||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|
||||||||||||||
A surge in Blaster worm infections prompted the Computer Emergency Response Team and other experts to recommend the following remediation steps for infected machines: --Physically disconnect from the network. --If you can't stop your system from rebooting, use the shutdown timer: click Start, Run and Shutdown-a. --Kill the "msblast.exe" process in the Task Manager by pressing "CTRL-ALT-DELETE," click "Task Manager" button, select the "Processes" tab, highlight "msblast.exe," and click the "End Process" button (CERT notes that this will bring up a Warning dialog box which a user needs to answer "Yes"). --Delete "HKey_Local_Machinesoftwaremicrosoftwindowscurrentversionrunwindowsautoupdate." --Search the machine for any files named msblast.exe, p-e-n-i-s32.exe (without hyphens), teekids.exe and root32.exe." For each match, right-click and select delete. --Disable DCOM on all affected machines, but not until all effects have been fully tested. (http://microsoft.com/technet/security/bulletin/MS03-026.asp). --Reboot the machine and reconnect to the network. --Install the patch from Windows Update or MS03-026 (http://microsoft.com/technet/security/bulletin/MS03-026.asp). FOR MORE INFORMATION: SearchSecurity.com news exclusive: "Computers not out of Blaster woods" SearchSecurity.com news exclusive: "Blaster variants shouldn't be major headache" Microsoft security bulletin MS03-026
|
|
|
|
||||||||||||
| |||||||||||||||
|
|
|
|||||||||||||||||||||||||
|
|||||||||||||||||||||||||||
| |||||||||||||||||||||||||||
|
|
|
|||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
