Blaster Worm was a virus program that mainly targeted Microsoft platforms in 2003. The worm attacked computers by exploiting a security flaw with Microsoft remote procedure call (RPC) process using Transmission Control Protocol (TCP) port number 135. The virus propagated itself automatically to other machines by transmitting itself through email and other methods. Blaster Worm is also called MSBlast or Lovesan.
Blaster Worm is believed to have been created through reverse engineering of the original Microsoft patch by Xfocus. It affected more than 100,000 Microsoft computers. In July 2003, Microsoft declared a buffer overrun in the Windows RPC interface that allowed the virus writers to run arbitrary code. The Blaster Worm downloaded the "msblast.exe" file to the Windows directory and then executed it. The flaw was later exposed by the Last Stage of Delirium (LSD) security group. The affected operating systems included Windows XP, Windows NT 4.0, and Windows 2000. After the vulnerability was exposed, Microsoft released two different patches (MS03-026 and MS03-039) on its website. The Blaster Worm used the affected computers as a propagation medium to spread the virus to other machines. The blaster worm is considered to be one of several high-profile worms that impacted the Microsoft platform on a large scale in 2003. Many security specialists rated that year as one of the worst ever for viral threats, which posed huge security risks for Internet users. The Blaster Worm caused a system to reboot every 60 seconds and in some computers, the worm caused an empty welcome screen. Microsoft released a Blaster Worm detection and removal tool for computers running on Windows XP and Windows 2000 operating systems. Enabling a firewall can also prove helpful in stopping the virus from spreading to other computers. Several anti-virus software programs are also available to protect the computer from viruses in general.
Read More »