On July 16, 2003 Microsoft warned of a potential security hole that if compromised, would affect computers running Microsoft NT 4.0, Microsoft 2000, Microsoft XP and Microsoft Server 2003. On August 11, 2003 a threat, known as Blaster Worm, was discovered as it hit computers worldwide. Here is a brief description from the AVERT team at McAfee:

<blockquote><span style="font size:10">quote:<hr />SCOPE
An attacker can exploit this vulnerability by crafting a specifically malformed RPC packet and sending it to a vulnerable server. The attacker will need access to the vulnerable server RPC interface that is located at port 135.

A malicious attacker may use this vulnerability to execute code of his choice on the victim machine. Since the RPC service executes with SYSTEM privileges an attacker executing code as the result of this attack can fully compromise the vulnerable server

Entercept provides patented protection against code execution as a result of buffer overflows and prevents the exploitation of the RPC Interface buffer overflow vulnerability.
[/QUOTE]Because many of you are running (at least) one of the Windows systems we recommend that you take this threat seriously. Patch your Windows and update your latest virus DAT files ASAP. Critical links:

Microsoft Update Patch (http://www.microsoft.com/security/security_bulletins/ms03-026.asp)

Microsoft: Blaster Worm Information (http://www.microsoft.com/security/incident/blast.asp)

McAfee Virus Engine and DAT update (http://vil.nai.com/vil/content/v_100547.htm)

Symantec (Norton) patch update (http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html)