Four Major Worm Attacks in August 2003
By Paul Roberts
- The W32.Mimail, a mass e-mailed worm, looks like a system administrator’s message.
- The W32.Blaster Internet worm exploits a flaw in Windows’ implementation of the remote procedure call (RPC) protocol and spreads worldwide in a matter of hours, infecting hundreds of thousands of Windows machines.
- Others emerge that exploit the same vulnerability as Blaster, including W32.Welchia, which disrupts networks while PC users try to patch the RPC vulnerability.
- A new version of the Sobig worm, W32.Sobig.F, bombards e-mail accounts worldwide.
CIO John Halamka of CareGroup and Beth Israel Deaconess Medical Center says a combination of firewall, network intrusion detection systems, antivirus software and patches worked to keep his facilities worm-free during the outbreak. Halamka’s IT staff held what he called an "all nightmare-athon" patching session in late July for the hospital’s 130 Windows servers. Worm-free, yes. Cost-free, no.
$firstKeyword
Articles
Receive the latest security news as it breaks.
