|
|
| mx68u
|
| Admin |
 |
| Group: Admin |
| Posts: 1128 |
| Member No.: 1 |
Car Profile: Available
|
| Status: Offline |
|
|
|
|
 |
|
| Posted:Aug 12 2003, 11:12 PM |
|
|
After loggin on the net today and browsing for about 5 minutes i got an error that said something along the lines of:
| QUOTE |
Generic Windows Host Error
blah blah blah blah
|
So of course i just closed it and everything seemed fine for the next 3 minutes or so then i got another pop saying something like:
| QUOTE |
Remote Procedure Call Failed, RPC has caused an error and has been terminated
blah blah
|
Clicked "Close" and then this NT pop-up box came up and said a critical NT network service has been unauthorised and your computer will shut down in 60 seconds, please save any unsaved data or it will be lost... or something...
Anywayz this is the result of some expoliting a Windows XP/2000/2003 server/NT vulnerability which will enable them to execute any code the attack wishes, meaning they can download anything from your computer, install anything, intercept packets sent via TCP/IP etc etc 
Microsoft regards the severity of this vulnerability CRITICAL and suggests you update your system with this patch as soon as possible.
So if you run either of the OS's mentioned update it asap, unfortunately if you have been attacked you may experienced the auto reset thingy before you get a chance to complete the download, so you might have to use another computer, fortunately it easily fits on a floppy.
More Technical Details and Download Options Available here |
| ODIN
|
| KLZE next year???? |
|
| Group: Moderators |
| Posts: 573 |
| Member No.: 13 |
Car Profile: Available
|
| Status: Offline |
|
|
|
|
 |
|
| Posted:Aug 13 2003, 01:46 AM |
|
|
damn I hate microsoft sometimes:( Had the same thing happen to me. Just downloaded a crud load of "crictical updates" Always seems to be some prob with windows every week
--------------------
mx6.com
My 2nd Gen MX6 Profile |
| ODIN
|
| KLZE next year???? |
|
| Group: Moderators |
| Posts: 573 |
| Member No.: 13 |
Car Profile: Available
|
| Status: Offline |
|
|
|
|
|
|
| Posted:Aug 13 2003, 08:10 AM |
|
|
question is this a virus or not? Ive updated my virus detector software and downloaded the patch but it found nothing on my computer.
--------------------
mx6.com
My 2nd Gen MX6 Profile |
| ODIN
|
| KLZE next year???? |
|
| Group: Moderators |
| Posts: 573 |
| Member No.: 13 |
Car Profile: Available
|
| Status: Offline |
|
|
|
|
|
|
| Posted:Aug 13 2003, 08:52 AM |
|
|
my computers infected. With the worm. Trying to get rid of it now  grrr
--------------------
mx6.com
My 2nd Gen MX6 Profile |
| mx68u
|
| Admin |
|
| Group: Admin |
| Posts: 1128 |
| Member No.: 1 |
Car Profile: Available
|
| Status: Offline |
|
|
|
|
|
|
| Posted:Aug 13 2003, 09:17 AM |
|
|
yeah actually your right..... i was going by the info at the microsoft website.. there is a worm virus which is the cause of the auto computer shutdown. The thing is its installed via the windows exploit above.. i actually just installed the patch and it seemed to correct it... apparently the file you should be looking for is called, it will be loaded up as a user process in task manager...
msblast.exe |
| ODIN
|
| KLZE next year???? |
|
| Group: Moderators |
| Posts: 573 |
| Member No.: 13 |
Car Profile: Available
|
| Status: Offline |
|
|
|
|
|
|
| Posted:Aug 13 2003, 09:21 AM |
|
|
mblast.exe is gone. Checked task manager. Its not there. Also had to delete 8 infected files.
This post has been edited by ODIN on Aug 13 2003, 12:02 PM
--------------------
mx6.com
My 2nd Gen MX6 Profile |
| EvilChief
|
| The Evil One |
|
| Group: ATFC Moderator |
| Posts: 223 |
| Member No.: 146 |
Car Profile: Available
|
| Status: Offline |
|
|
|
|
 |
|
| Posted:Aug 13 2003, 11:17 AM |
|
|
you know what is funny ...
I never get any of this shit ... but everyone else does .. lol ... jinx
--------------------
WHOHOO ... got my opens today ... as much as it would matter to me anyway
... and 96 in the ash tray! |
| mx68u
|
| Admin |
|
| Group: Admin |
| Posts: 1128 |
| Member No.: 1 |
Car Profile: Available
|
| Status: Offline |
|
|
|
|
|
|
| Posted:Aug 13 2003, 03:55 PM |
|
|
heres an article from the Aussie I.T paper:
| QUOTE | Blaster worm causes havoc
Correspondents in New York
AUGUST 13, 2003
A COMPUTER worm that attacks Windows operating systems has continued to spread rapidly, causing havoc around the world.
Tens of thousands of companies, government departments and home computer users across North America, Europe and Asia were hit by the internet worm which uses the names "LovSan", "MSBlast" and "Blaster", experts said.
As well as crashing systems, the virus carries a message to Bill Gates, the Microsoft founder and chairman, saying: "Billy Gates why do you make this possible? Stop making money and fix your software!!"
The virus attacks a weakness in Microsoft's Windows systems. Microsoft said the Windows 2000, Windows XP, Windows NT and Windows Server 2003 were the most vulnerable and urged immediate action.
The Maryland Motor Vehicle Administration (MMVA), which handles driving licences and car registrations in the eastern US state, came to a standstill on Tuesday.
"The virus affects the whole system. We closed at noon," an MMVA official said.
The infectious virus also hit the Federal Reserve Bank of Atlanta leading to the shutdown of most of its system, but the US financial system kept working normally.
"Last night, the Federal Reserve Bank of Atlanta determined that a number of our systems were being infected by a worm: MSBlast.exe," said the bank's spokesman, Pierce Nelson.
"Early this morning, most of the Atlanta Federal Reserve systems and PCs were shut down as a precautionary measure as bank staff worked to ensure that the virus was confined and eradicated."
Most of the system had since been restored and individual computers were now being checked, he said.
"At this time it does not appear that other Federal Reserve districts have been affected," said Federal Reserve spokesman David Skidmore in Washington.
"The Federal Reserve System is closely monitoring its computer systems for the so-called MSBlast worm and its variants," Mr Skidmore said.
"All payments that the system routinely processes are being processed," he said.
Experts said that most computer users would only see the impact through the sluggish response of their machine.
Symantec Security Response, a US anti-virus specialist, on Tuesday upgraded its "Blaster" alert to grade four from grade three alarm as the virus started infiltrating computer systems.
Symantec said the virus had quickly spread around the world. It said the virus had been detected in more than 125,000 computer systems it had checked.
The virus also attacked Microsoft's after-sales service line in a bid to stop victims from downloading a patch to halt the worm, Symantec said.
"We started seeing it yesterday," said David Wray, a spokesman with the US Department of Homeland Security, which monitors technology threats as part of its mandate to safeguard US domestic security.
"We've been asking people to update their Microsoft operating systems to patch for the vulnerability that this worm is exploiting," he said.
The worm does not appear to erase files or create major damage other than duplicating itself to other e-mail addresses in a computer user's address book.
But security officials fear hackers will devise copycat versions of the worm that can wreak far greater havoc if the remedy is not applied soon.
In the meantime, the presence of the bug can make for sluggish computer response, Mr Wray said.
"Anytime there's excess traffic on the internet, there's a noticeable degradation of access and service," he said.
"It could be a lot worse, but it's not a good thing."
Agence France-Presse
|
|
