News
News
9/11/2003
11:59 AM
Connect Directly
RSS
E-Mail
50%
50%

Security Pros Get Ready For Blaster II

Companies are prepping to re-patch Windows systems to prevent a Microsoft vulnerability and the high likelihood of a second Blaster-like worm that could target the new security flaw.

Businesses have barely had a chance to catch their breaths following the frantic Blaster-related patching of security vulnerabilities in their Windows desktops and servers--not to mention fending off worm attacks. Now they're prepping to patch those very same systems again to prevent a similar Microsoft vulnerability and the high likelihood of a second Blaster-like worm that could target the new vulnerabilities Microsoft disclosed on Wednesday.

"We're going to have to patch again, we don't have any choice on this," says Gene Fredriksen, VP of information security at Raymond James & Associates. He's readying his "patch swat team" to get the job done as quickly as possible.

The flaws Microsoft unveiled in Security Bulletin MS03-039 are remarkably similar to the security problems addressed by Security Bulletin MS03-026 released in mid-July. Blaster used that vulnerability to infect tens of thousands of unpatched systems in early August.

The three serious vulnerabilities disclosed Wednesday, in conjunction with a Windows patch, affect Microsoft's RPC DCOM (Remote Procedure Call Distributed Component Object Model) and may be exploited, according to Microsoft, remotely through communication port 135 and others. For more information and links to the patch, see Microsoft's MS03-039 security bulletin.

Microsoft says customers should patch all affected systems immediately. The vulnerabilities affect Windows NT 4 Workstation, Windows NT Server 4.0, NT Server 4.0 Terminal Server Edition, Windows 2000, Windows XP, and Windows Server 2003.

Dan Ingevaldson, team lead with the security research group X-Force at Internet Security Systems Inc. says an active exploit--software that makes it easier to attack a security hole--is already available on the Internet and could be used to launch denial-of-service attacks against at-risk systems. Ingevaldson also warns that a virus or worm for attacking vulnerable systems could be created easily. "I would say that there is a high probability that we will see a new worm as a result of this vulnerability," says Ingevaldson. But he adds that since many companies have closed port 135 (a port Blaster used to infect systems) the worm may have a hard time spreading. "I hope that there is some residual protection out there as a result of companies protecting themselves from Blaster. That may be the only potential good news right now."

"We want to get the word out that people need to patch this one," says Jeff Jones, Microsoft's senior director for trustworthy computing security. Outside researchers and Microsoft's own internal reviews discovered the new flaws after the Blaster infection, he said.

"The pressure is on us now," Fredriksen says.

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 18, 2014
Enterprise social network success starts and ends with integration. Here's how to finally make collaboration click.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
The weekly wrap-up of the top stories from InformationWeek.com this week.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.