Worm targets vulnerability in Windows OSes
A worm exploiting a recently announced vulnerability in many Microsoft Windows operating systems has infected thousands of unprotected computers.
The vulnerability could let attackers execute code on exploited machines. The MSBlast worm apparently carries a payload that was programmed to launch a distributed denial-of-service attack against Microsoft's update site.
Microsoft announced the vulnerability and on July 16 released a patch for it. The Remote Procedure Call Distributed Component Object Model buffer overflow affects Windows NT, 2000, XP and 2003.
Systems can be protected by patching as described in Microsoft Security Bulletin MS03-026. The bulletin and the patch are available from the Microsoft Web site.
William Jackson is a senior writer of GCN and the author of the CyberEye blog.