A new, and paradoxical worm dubbed W32.Welchia, W32/Nachi and Worm_MSBlast.D, downloads the patch for the MSBlast.exe vulnerability from Microsoft's site for both Windows 2000 and Windows XP from Microsoft's Technet Security site.
New MS Blast Variant Plugs Blaster Hole
W32.Welchia. Worm; The Friendly Worm
Government Computer News: New Worm Reportedly Fixes RPC Vulnerability
[i]Ed. SMBP: This is in no way a recommendation to try to use Welchia instead of the traditional removal tools, because as Ken Durham, Malicious Code Intelligence Officer at IDefense, Inc. in Reston Virginia told GCN:
"Welchia attempts to patch against the RPC vulnerability and then remove itself from the infected computer,
Results 1 to 3 of 3
-
Gold Lounger
- Join Date
- Feb 2003
- Location
- Wardrobe Malfunction Junction, Derry
- Posts
- 2,953
- Thanks
- 0
- Thanked 0 Times in 0 Posts
2003-08-18 20:23'Friendly' Welchia Worm Patches Blaster Hole
-
Subscribe to get a FREE chapter from Windows 7 The Missing Manual
This month, every Windows Secrets subscriber can download a one-chapter excerpt of Windows 7: The Missing Manual.Windows 7: The Missing Manual provides valuable information to help you overcome these difficulties in learning a new operating system. Subscribe today to download your free excerpt.
-
Platinum Lounger
- Join Date
- Jan 2001
- Location
- Quedgeley, Gloucester, England
- Posts
- 5,333
- Thanks
- 0
- Thanked 0 Times in 0 Posts
2003-08-19 11:59Re: 'Friendly' Welchia Worm Patches Blaster Hole
"No Virus is a Good Virus", says Sophos...
<font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>
Ita, esto, quidcumque...
-
Gold Lounger
- Join Date
- Feb 2003
- Location
- Wardrobe Malfunction Junction, Derry
- Posts
- 2,953
- Thanks
- 0
- Thanked 0 Times in 0 Posts
2003-08-19 23:56Re: 'Friendly' Welchia Worm Patches Blaster Hole
