Welcome to the Virus Encyclopedia of Panda Security.
|W32/Lovsan.worm, W32.Blaster.Worm, WORM_MSBLAST.A, Win32.Poza, WORM_MSBLAST.H
|It launches denial of service attacks against the windowsupdate.com website. It restarts the affected computer.
|Detection updated on:
|Jan. 2, 2004
|Yes, using TruPrevent Technologies
Blaster launches denial of service (DoS) attacks against the windowsupdate.com website. Whenever the system date is between the days 15 and 31 of every month, or every day during the months September through December of every year, Blaster sends a 40 byte packet every 20 milliseconds, using the TCP port 80.
Blaster spreads by attacking IP addresses generated at random and exploits the vulnerability mentioned above to download a copy of itself to the compromised computer. In order to do this, Blaster incorporates its own TFTP (Trivial File Transfer Protocol) server.
If you have a Windows 2003/XP/2000/NT computer, it is highly recommendable to download the security patch from the Microsoft website. Access the web page for downloading the patch.