Yet Another Bulletin Board
Sponsored by: The Fans!


Welcome, Guest. Please Login or Register.
Nov 24th, 2024, 7:49pm

Upcoming Premiere Dates:
Survivor 23, Season premiere
Thursday, September 14 (8:00-9:30 PM, ET/PT) on CBS




Home Home Help Help Search Search Members Members Chat Chat Member Map Member Map Login Login Register Register

| Fantasy Survivor Game | Music Forums | The '80s Server Forums | Shop Online |



Metropolis Reality Forums « 'Good' worm hits computers »

   Metropolis Reality Forums
   Off-Topic Forums
   In the News
(Moderators: lakelady, yesteach, MediaScribe, Bumper, Isle_be_back)
   'Good' worm hits computers
Previous topic | New Topic | Next topic »
Pages: 1  Reply Reply Add Poll Add Poll Notify of replies Notify of replies Send Topic Send Topic Print Print
   Author  Topic: 'Good' worm hits computers  (Read 166 times)
Rhune
ForumsNet Administrator
USA 
*****





29289456 29289456   rhune_1971   Rhune1971
View Profile Email

Gender: female
Posts: 292
'Good' worm hits computers
« on: Aug 19th, 2003, 2:17pm »
Quote Quote Modify Modify

'Good' worm hits computers  
 
New worm tries to repair damage done by Blaster, but experts say it is still a threat.
August 19, 2003: 11:07 AM EDT  
 
 
 
SAN FRANCISCO (Reuters) - A new computer worm is spreading worldwide through a security hole in Windows - also used by last week's Blaster worm -- but then patching the hole instead of crashing the system like Blaster does, security experts said on Monday.  
 
The new so-called good worm, dubbed "Welchia" or "Nachi," is similar to Blaster, but it purports to patch the hole Blaster exploited to enter into computers in the first place and tries to clean up after Blaster if the computer is infected with it.  
 
   
Despite the apparently good intentions of the new worm, spreading "good" worms is a very bad idea, said Jimmy Kuo, research fellow at anti-virus vendor Network Associates Inc. (NET: Research, Estimates)  
 
"You would rather not have somebody rebooting your machine in the middle of what you are doing, regardless of their intentions," he said.  
 
Blaster, also dubbed MSBlaster LoveSan, has infected more than 570,000 Windows XP and Windows 2000 computers since it surfaced last week, according to an estimate from anti-virus vendor Symantec Corp. (SYMC: Research, Estimates)  
 
The Windows vulnerability it exploits, which experts have known about since at least mid-July, affects computers running Microsoft Corp.'s (MSFT: Research, Estimates) Windows XP, 2000, NT and Server 2003.  
 
On English, Korean and Chinese versions of the Windows operating systems, Welchia downloads the patch to fix the computer. Welchia apparently does not do that on other versions of Windows, said Joe Hartmann, director of North American anti-virus research at Tokyo-based Trend Micro (TMIC: Research, Estimates).  
 
In some instances, Welchia tries to clean up after Blaster if the computer has been infected with that worm. Then Welchia spreads to other systems that have the vulnerability, said Kuo.  
 
Welchia, which is programmed to delete itself in 2004, is spreading widely in Asia, particularly in Japan, according to Hartmann.  
 
The worm is creating more network traffic, and thus a slowdown, for many corporations as it checks for other vulnerable computers to spread to and because it instructs numerous computers in a network to try to download the patch simultaneously, they said.  
 
Network Associates rated the threat level of the new worm as "medium."  
 
There are also unconfirmed reports that it may try to attack computers through a different Windows vulnerability, the experts said.  
 
Meanwhile, experts warned about an e-mail hoax that was circulating, purporting to be a patch from Microsoft for the security hole Blaster exploits.  
 
Instead, the e-mail contains a Trojan application that installs itself on the computer as a back door enabling an attacker remote access to the system. Microsoft says it never distributes patches via e-mail.  
 
The Blaster worm crashed computers, spread to others and instructed them to launch an attack on one of Microsoft's patch download Web sites on Saturday. However, Microsoft was able to thwart the attack by eliminating the targeted Web page.  
 
A survey of more than 1,000 organizations released by computer security provider TruSecure Corp. estimates that more than 20 percent of corporations worldwide were infected by Blaster, with laptops being the number one infection source.  
 
The median cost for clean up was $6,500 for infections of moderate impact to $55,000 for major impact infections, the survey found.    
 
 
IP Logged
Back to top
azure
ForumsNet Member
USA 
*****






  azure1967  
View Profile

Gender: female
Posts: 4087
Re: 'Good' worm hits computers
« Reply #1 on: Aug 19th, 2003, 5:03pm »
Quote Quote Modify Modify

ok, I must admit I am rather computer illiterate
 
can anyone give me a fairly general description of what  these "worms" and viruses" are?  How they can originate and some of the different types?
 
thanks!
 
 Kiss
IP Logged

HELLO EVERYBODY!!
Back to top
Rhune
ForumsNet Administrator
USA 
*****





29289456 29289456   rhune_1971   Rhune1971
View Profile Email

Gender: female
Posts: 292
Re: 'Good' worm hits computers
« Reply #2 on: Aug 19th, 2003, 5:25pm »
Quote Quote Modify Modify

A worm is a type of virus that doesn't require you to click on a file and "execute" it.  It can run automatically and attach to your computer by just going to a web page with it written to execute in their code.  A router will protect you from getting almost any "worm" type viruses.  
 
All viruses come from the same source - malicious people.  They don't grow, they don't spontaneously create...some jackass sat down and created it and then deliberately unleashed it to harm other people.
 
IP Logged
Back to top
Rhune
ForumsNet Administrator
USA 
*****





29289456 29289456   rhune_1971   Rhune1971
View Profile Email

Gender: female
Posts: 292
Re: 'Good' worm hits computers
« Reply #3 on: Aug 19th, 2003, 5:30pm »
Quote Quote Modify Modify

In this particular case, someone created a "worm" that just undos everything the first one did.  I'm sure they had good intentions and only meant to fix instead of harm, but like the message above says, the fix includes a reboot.  How would you like to go to someone's web page while researching something for an important paper you are working on, get hit by the worm and have it reboot your machine and cause you to lose everything you were doing?  That's possible with this.  The person means well who wrote it, but potentially this can end up costing people just as much time, money and emotions than getting the worm to begin with.
IP Logged
Back to top
Pages: 1  Reply Reply Add Poll Add Poll Notify of replies Notify of replies Send Topic Send Topic Print Print

Previous topic | New Topic | Next topic »

Metropolis Reality Forums » Powered by YaBB 1 Gold - SP 1.3.1!
YaBB © 2000-2003. All Rights Reserved.