Latest MS flaw to sire Son of Blaster worm

Posted on 11 Sep 2003 at 15:35

Antivirus experts have called on IT managers to patch systems against the latest Windows vulnerability, if they are to avoid another Blaster-style worm ravaging across the Web.

'There is simply no excuse for IT managers at companies running Microsoft Windows not to already know about this serious security issue,' said Graham Cluley, senior technology consultant for Sophos Anti-Virus.

Microsoft today announced the discovery of a new vulnerability in the RPC service used in Windows NT through to XP. Another vulnerability in the same service was exploited by the Blaster worm variants.

Cluley added: 'The recent Blaster and Nachi worms, which exploited vulnerabilities in Microsoft's software, should have woken up every network manager to the importance of signing-up to Microsoft's free security mailing list. Not doing so is showing a disturbing disregard for the safety of your business systems.'

Cluley was referring to a survey the company conducted earlier in the year which revealed that less than half of the sys admins polled said they had signed up to Microsoft's security bulletin list.

One in eight said they relied on news reports to inform them of security issues that might affect them.

To sign up to Microsoft's security notification service, visit this website.

If you want to rely on news reports for the latest security alerts, rely on ours: RPC threat forces new Microsoft security bulletin.