Security experts are now tracking a new variant of the Blaster worm, only this one attempts to patch vulnerable systems. Known as Blaster.D, the worm acts much like the original Blaster in that it infects machines that haven’t yet been patched against the RPC DCOM vulnerability in Microsoft Corp.’s Windows 2000 and XP software. But, once it infects a PC, the new variant attempts to force the machine to download and install the patch for the flaw that Blaster exploits. The worm will remove itself from infected machines in 2004. Despite its seemingly good intentions, Blaster.D, also known as Welchia or Nachi, can still cause just as many network problems as its predecessors do. It still scans for other vulnerable systems, and therefore eats up valuable bandwidth. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.