Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events Acronis #CyberFit Summit 2021 Avaya Newsroom Experiences That Matter Cisco Partner Summit Digital 2020 Cloudera Newsroom 2022 Intel Partner Connect 2021

New Worm Installs Patches

A new worm takes a different twist by trying to repair systems infected by Blaster and patch the vulnerability it exploits, antivirus vendors said Monday.

The worm, called Nachi or MSBlast.D, tries to delete Blaster from some infected systems and install patches, according to Trend Micro. Last week's Blaster worm, also called MSBlast and Lovsan, infected hundreds of thousands of systems by exploiting a Remote Procedure Call (RPC) flaw in Microsoft Windows.

Nachi exploits the same flaw but can delete the MSBlast.exe file left by Blaster on machines running Windows 2000 and Windows XP and download Microsoft patches to fix the flaw, according to Trend Micro.

The company rated the new worm as a medium risk. Computer Associates ranked the worm as medium-on-watch, while Network Associates called it a medium risk.

"Some may call this a good virus, but it can cause all sorts of problems when patches are applied to a computer unbeknownst to the administrator of that computer," said Ken Dunham, malicious code intelligence manager at iDefense, said in an alert issued Monday.

Back to Top



    trending stories

    sponsored resources