Security analysts are warning it’s inevitable that a worm is released in
the wild to attack users through the newly discovered vulnerabilities in Microsoft’s
Windows.
”I think it’s just a matter of time,” says Steve Sundermeier, vice president of products
and services at Central Command Inc., an anti-virus and security company. ”We’re all gearing
up for it. It’s definitely going to come. We’re going to see a new worm.”
Microsoft Corp. announced this week the existence of three recently found flaws in Windows
RPC protocols. Two of the flaws are eerily similar to the RPC vulnerability, discovered this
summer, that led to last month’s release of the Blaster worm, which quickly spread across
the world, clogging up corporate systems, sucking up bandwidth and ultimately trying to
launch a denial-of-service attack on a Microsoft Web site.
These new vulnerabilities include a denial-of-service flaw and two buffer overruns. The
flaws allow a remote attacker to take control of an infected computer, downloading files,
destroying information or using that computer to attack other computers.
The new vulnerabilities offer up a temptation that security analysts think worm writers
won’t be able to resist. With the original Blaster code laying the developmental groundwork
for a second wave of attacks, much of the hard work is already done.
”These new vulnerabilities are close cousins of the RPC vulnerability that was first
published in July,” says Chris Belthoff, a senior security analyst with Sophos Inc., an
anti-virus company based in Lynfield, Mass. ”It’s a very close variant of the vulnerability
that the Blaster worm was written to exploit. So the expectation is that we’ll see the Son
of Blaster or Blaster Junior — a worm or multiple worms that take advantage of the
vulnerability.”
And Belthoff says with the original Blaster code out there, it would be quick and easy for a
virus writer to whip up a damaging knock-off that would exploit the new vulnerabilities.
That means the new worm could literally hit within days or even hours.
”It could come at any time now,” adds Belthoff. ”It wouldn’t surprise me if something is
seen in the next few days. It’s certainly possible. Since this vulnerability is so similar
to the one the Blaster worm exploited, it’s not a huge development task to write another
worm to exploit this vulnerability.”
Belthoff also notes that the first Blaster, though it crashed some systems because of a flaw
in its own coding, didn’t wreak much damage on the infected computers. Blaster was largely
geared to cause trouble for Microsoft by launching a DoS attack against the Web page that
enabled users to download the patch.
Users may not be so lucky with the next worm, which could be far more damaging to the
infected computers.
But Central Command’s Sundermeier says the infected machines are too valuable to the worm
writer to damage.
”Sure, the hacker has the ability to download code of his or her choice and that code could
be malicious to the infected computer,” he explains. ”But if he causes significant damage
to that machine, then that machine is taken out. If they’re going to launch a DoS attack,
they won’t want to take down machines that they actually need.”
Sundermeier adds that there’s a positive side to a new worm hitting so soon after Blaster.
”Blaster is still in people’s minds,” he says. ”Our saying is ‘What is soon learned is
soon forgotten.’ But this is so close to the original Blaster, that may not be the case
here. But people shouldn’t think that just because they are patched for Blaster, they’re
patched for this one.”
MJ Shoer, president and CTO of Jenaly Technology, Inc., a Portsmouth, N.H.-based outsourced
IT firm covering businesses in New England, says he’s been busy making sure clients’ systems
are patched and updated.
”Everybody needs to be patched. That’s what it boils down to,” says Shoer. ”We’re making
sure firewalls are tight and anti-virus is up to date. We’re just checking all the
exposures.”
Shoer says when it comes to making sure a system is patched, the biggest vulnerability to
the corporate network is the mobile user. Many corporate administrators push patches down to
individual desktops and laptops that are connected to the network. If a worker has been on
the road, simply dialing in from slow hotel connections, they’re not likely getting the
patches and security updates they need.
Shoer adds, ”We’re aggressively watching all the points of exposure.”
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2020
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Anticipating The Coming Wave Of AI Enhanced PCs
FEATURE | By Rob Enderle,
September 05, 2020
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
August 14, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.
Advertise with Us
Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this
site are from companies from which TechnologyAdvice receives
compensation. This compensation may impact how and where products
appear on this site including, for example, the order in which
they appear. TechnologyAdvice does not include all companies
or all types of products available in the marketplace.
