New W32.Blaster Worm Reported

It is reported that a new worm is rapidly spreading through the Internet. The program is exploiting an unpatched RPC/DCOM vulnerability. The program will attempt to run a program named ?msblast.exe? which spreads the worm and will initiate a denial of service against on August 16.

Infection can be verified by checking a registry modification. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run will have an entry of "windows auto update"="msblast.exe".

Major anti-virus vendors have released updates to their products to identify the new worm and provide removal instructions. If your computer is missing the MS03-026 patch, please verify that your computer has any infection removed and is properly patched before reconnecting it to the campus network.