posted on August 15, 2003 08:33:51 PM new
Rec'd this from my ISP. Thought I'd pass it along. Seems there is to be a second attack.
Dear Adelphia High-Speed Internet Customer,
There are two current issues that are affecting many of you today and Adelphia would like to bring them to your attention. We encourage you to take action to protect your computer.
1. MSBlast.exe Virus Information:
As you may have heard, a significant virus known as MSBlast.exe (also known as the LovSan Web Worm) spread across the Internet over the past week. Unfortunately, many of you were affected. Those of you who have not taken action to protect your computer from this virus are still open to attack.
According to some reports, the MSBlast.exe virus may resume its attack on Saturday August 16th, 2003. The virus is programmed to launch a distributed denial-of-service attack on windowsupdate.com. This may severely impact access to the Microsoft website used to distribute security fixes against viruses. Each computer that begins to run the worm on or after 8/16/2003 (either from new infection or after a computer restart) will engage an attack on windowsupdate.com. Customers who have already downloaded the update from Microsoft should not be affected because this is the same worm attack from August 12th - the worm is just time released in this case.
If you have not downloaded the update from Microsoft, you will not be able to go to windowsupdate.com if the worm resumes its attack on 8/16/2003. To stop the virus from infecting your computer, we recommend that you take immediate action to update the security patch located at:
Customers who run firewalls are encouraged to block access to TCP port 69, 135, 4444 at the firewall level.
Finally, you can go to www.adelphiapowerpage.com for links to the removal tools and security updates. Customers using Windows 2000 or Windows XP are strongly encouraged to do so no later than 12:00PM EDT August 15th, 2003.
2. NETGEAR 4-port Home Networking Router Information:
Product Information: Model RP614 4-Port Cable/DSL Router with 10/100 Mbps Switch
An issue has been identified with NETGEAR routers and integrated cable modem/routers. The NETGEAR equipment generates IP broadcasts to other Internet users, which causes a degraded Internet experience.
The NETGEAR web site offers a solution for customers that have this product:
http://www.netgear.com/support/support_details.asp?dnldID=377#
Please Note:
Adelphia is providing this information to help you protect yourself from the MSBlast.exe virus and to prevent any NETGEAR equipment you may own from impacting other Internet users. Adelphia is not responsible for any damage to your computer from any source used to protect against this virus.
Thank you,
Adelphia Communications
Cheryl
Power to the people. Power to the people, right on. - John Lennon
posted on August 15, 2003 08:53:45 PM new
I received the same email from my ISP
One thing for everyone to know, if you still have Win 98 or even 95, this thing won't effect you.
It affects Win 2000, XP and up
Here is mine, not sure it will come out here
IMPORTANT: Immediate action required to safeguard your computer from Phase Two of the MSBlast.exe virus
Dear Comcast Customer,
Have you taken the necessary steps to help ensure that your computer is clean and protected from the second phase of the MSBlast.exe virus or LovSan Web Worm? If not, we recommend that you immediately follow our suggested steps below.
The MSBlast.exe virus or LovSan Web Worm may enter your computer through a vulnerability in your computer's Microsoft Windows®-based operating system. According to current reports, this virus or worm is designed to cause computers to launch an electronic attack against Microsoft's Windows® help web site on August 16, 2003.
If you are using one of the following Microsoft Operating Systems, we recommend that you follow the instructions below to remove or safeguard your computer from the MSBlast.exe virus or LovSan Web Worm. Even if your computer isn't affected now, it could be in the future.
Microsoft Windows® NT 4.0
Microsoft Windows® NT 4.0 Terminal Services Edition
Microsoft Windows® 2000
Microsoft Windows® XP
Microsoft Windows® Server 2003
Please take the time to print out follow the steps outlined below to help ensure that your computer is safe and clear of the MSBlast.exe virus or LovSan Web Worm. (This and other related information can also be found on our web site at http://www.comcast.net.)
Close all open programs and press and hold down the following keys simultaneously: Ctrl (Control), Alt and Delete
Click the Task Manager button
Select the Processes tab
Click the Image Name column to sort the list in alphabetical order
Select the msblast.exe file by clicking on it once. Then, click the End Process button. If you do not see msblast.exe in the list of running tasks, please proceed to Step 6 as you should still check your system for the Worm and apply the Microsoft patch. (Some operating systems require that you log in as Owner/Administrator in order to install this patch)
Now you can close the Windows® Task Manager screen by clicking the X in the upper right hand corner.
Next, determine which operating system you are using. Since Microsoft has different patches to protect each operating system, you will need to know which operating system you have on your computer.
Click on the Start button, go up to Run. Type winver and press the Enter key. The window displayed will indicate which operating system is being used (Windows(r) 2000, Windows(r) XP, etc.)
Once you have determined your operating system, go to http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp and click on the link for your operating system.
Click Download on the right side of the page.
Choose Run or Open from this location.
Confirm security warning pop-up by clicking Yes.
Follow pop-up instructions.
Once your computer has finished go to http://securityresponse.symantec.com/avcenter/FixBlast.exe, when prompted click Open.
When it has finished, you will have successfully checked your system for the MSBlast Worm and installed the patch.
Please note: If done incorrectly, some of the steps in this FAQ can cause problems with your Operating System. You should carefully review all terms, policies, and instructions on any of the websites that you visit while following these steps. Please note that while Comcast is providing this information to help you remove the MSBlast.exe virus and LovSan Web Worm, Comcast is not responsible for any damage done to your computer from any source to remove this worm.
We thank you for taking the time to ensure that your computer is protected.
Sincerely,
Comcast Online
Art Bell Retired! George Noory is on late night coasttocoastam.com
