Panda Virus Alert - W32-Blaster

[pic] FOR IMMEDIATE RELEASE Panda Software alerts Web users to new worm, W32/Blaster W32/Blaster was created to exploit the recently discovered vulnerability in several versions of Microsoft Windows GLENDALE, CA – August 12, 2003 – Panda Software has started receiving notice of incidents caused by malicious code W32/BLASTER. Blaster does not spread through usual means. Instead, it scans the Internet for computers that are vulnerable to attack. Once one is found, it tries to enter the system through port 135 to create a buffer overflow. One indication of infection is unusual activity on this port, which will show up in reports from the firewall, if one is running. Once installed in a machine, Blaster scans random IP ranges, seeking more PCs to infect. It also creates a file in the system called msblast.exe, which contains the worm's code. It creates a registry key to ensure it is started whenever the operating system is restarted. However, the purpose of this malicious code is to infect as many computers as possible in order to launch a Denial of Service Attack against the Web site www.windowsupdate.com. The worm is coded to launch that attack on August 15th, 2003. This Windows vulnerability, which Microsoft has classified as "critical," affects systems with Windows NT, 2000, XP, and Server 2003. This security hole could allow hackers to gain remote control of infected computers. To avoid falling victim to an attack, network administrators, IT managers and home users should immediately install the patches released by Microsoft to repair this vulnerability. These are available at http://www.microsoft.com/security/security_bulletins/ms03-026.asp, where detailed information about this flaw is available. Panda Software has already released virus signature updates to find and neutralize W32/Blaster. If your Panda antivirus software is not configured to update automatically, you can download the update at Panda's Web site: http://www.pandasoftware.com Panda software offers the public free use of ActiveScan, an up-to-date online virus scan to detect malicious code including Blaster. Please access Panda ActiveScan at: http://www.pandasoftware.com/activescan/com/activescan_principal.htm Detailed information about W32/Blaster is already available from Panda Software’s Virus Encyclopedia. ABOUT PANDA SOFTWARE Panda Software (http://www.pandasoftware.com) is the first company to allow truly automatic daily signature updates, as well as centralized administration of antivirus protection, both of which have revolutionized the antivirus industry. On receiving a possibly infected file, Panda Software's technical staff immediately analyzes to determine the threat potential. Depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users Panda Software is known for its user-friendly policies, including free telephone support for corporate customers, expanded competitive renewal programs and free disinfection services. All of its products feature exclusive SmartClean™ technology and are endorsed by major industry watchdogs including ICSA Labs and Checkmark. # # # FOR MORE INFORMATION: Alan Wallace Panda Software VP, Corporate Communications US www.pandasecurity.com