MSBlaster talkback radio

Discussion in 'NZ Computing' started by Invisible, Aug 12, 2003.

  1. Invisible

    Invisible Guest

    There's some real experts on there, LOL
    Invisible, Aug 12, 2003
    #1
    1. Advertising

  2. Invisible allegedly said:

    > There's some real experts on there, LOL


    I also heard MS's Terry <someone> talking to Claire Suranni (sp?) on NatRad
    just after 9am.

    She doesn't know much, but knew enough to get him to say clearly that only
    Windows users on 2k/NT/XP users are affected by the w32.blaster worm.

    He had initially referred to the scope as something vague, like 'all home
    and business computers'. From a Windwos perspective that would be true -
    and he does work for Microsoft, so could be forgiven for being
    Windows-centric in his thinking....

    Overall, a listener would have arrived at a fairly clear understanding of
    the problem and how to address it.
    George Berkeley, Aug 13, 2003
    #2
    1. Advertising

  3. Curious observation

    Invisible wrote:
    > There's some real experts on there, LOL


    How come Microsoft have gone big on media coverage to get the message across
    for this worm ?

    The payload is a DOS on windowsupdate.com after Aug 15 ( source:
    www.computerworld.co.nz).

    And yet MS certianly haven't had a high profile for virus warnings for all
    the other crap floating out there due to MS flaws.

    Is the MS approach this time 'serious and informative' because they'll be
    the target for once, as opposed to the thousands of home users who've been
    infected with god knows what crap over the ages...

    Curious observation. Wonder if the media will ask this question.
    Robert Mathews, Aug 13, 2003
    #3
  4. Re: Curious observation

    "Robert Mathews" <do_you_masturbate@too_much.com.org.qq> wrote in message
    news:bhc05a$4g1$...
    > Invisible wrote:
    > > There's some real experts on there, LOL

    >
    > How come Microsoft have gone big on media coverage to get the message

    across
    > for this worm ?
    >
    > The payload is a DOS on windowsupdate.com after Aug 15 ( source:
    > www.computerworld.co.nz).
    >
    > And yet MS certianly haven't had a high profile for virus warnings for all
    > the other crap floating out there due to MS flaws.
    >
    > Is the MS approach this time 'serious and informative' because they'll be
    > the target for once, as opposed to the thousands of home users who've been
    > infected with god knows what crap over the ages...


    Of course not. MS is DEFINATELY not the only target. This virus causes
    lockups, error messages and system shutdowns. Not to mention that many
    networks are flooded with connection attempts as the word trolls the net.
    Plus, it leaves your computer wide open by allowing a remote CMD session on
    port 4444.

    Cheers,
    Nicholas Sherlock
    Nicholas Sherlock, Aug 13, 2003
    #4
  5. Re: Curious observation

    "Robert Mathews" <do_you_masturbate@too_much.com.org.qq> wrote in message
    news:bhc05a$4g1$...
    > Invisible wrote:
    > > There's some real experts on there, LOL

    >
    > How come Microsoft have gone big on media coverage to get the message

    across
    > for this worm ?


    Microsoft went out there proactively before the worm hit, to suggest to
    people that their machines should be patched. That was almost 3 weeks ago.

    > The payload is a DOS on windowsupdate.com after Aug 15 ( source:
    > www.computerworld.co.nz).


    How do you know that is the 'only' payload this worm drops on your machine?
    Nathan Mercer, Aug 13, 2003
    #5
  6. Invisible

    art Guest

    Re: Curious observation

    On Wed, 13 Aug 2003 15:46:22 +1200, "Nathan Mercer"
    <nathan@4757979!!!SPAMSUCKS****mcs.co.nz> wrote:

    >
    >"Robert Mathews" <do_you_masturbate@too_much.com.org.qq> wrote in message
    >news:bhc05a$4g1$...
    >> Invisible wrote:
    >> > There's some real experts on there, LOL

    >>
    >> How come Microsoft have gone big on media coverage to get the message

    >across
    >> for this worm ?

    >
    >Microsoft went out there proactively before the worm hit, to suggest to
    >people that their machines should be patched. That was almost 3 weeks ago.
    >
    >> The payload is a DOS on windowsupdate.com after Aug 15 ( source:
    >> www.computerworld.co.nz).

    >
    >How do you know that is the 'only' payload this worm drops on your machine?
    >


    Really? I hadn't heard of it until a couple of days ago, and I don't
    think it was discussed in this newgroup.
    art, Aug 13, 2003
    #6
  7. Re: Curious observation

    On Wed, 13 Aug 2003 20:01:20 +1200, art <> wrote:

    >On Wed, 13 Aug 2003 15:46:22 +1200, "Nathan Mercer"
    ><nathan@4757979!!!SPAMSUCKS****mcs.co.nz> wrote:
    >
    >>
    >>"Robert Mathews" <do_you_masturbate@too_much.com.org.qq> wrote in message
    >>news:bhc05a$4g1$...
    >>> Invisible wrote:
    >>> > There's some real experts on there, LOL
    >>>
    >>> How come Microsoft have gone big on media coverage to get the message

    >>across
    >>> for this worm ?

    >>
    >>Microsoft went out there proactively before the worm hit, to suggest to
    >>people that their machines should be patched. That was almost 3 weeks ago.
    >>
    >>> The payload is a DOS on windowsupdate.com after Aug 15 ( source:
    >>> www.computerworld.co.nz).

    >>
    >>How do you know that is the 'only' payload this worm drops on your machine?
    >>

    >
    >Really? I hadn't heard of it until a couple of days ago, and I don't
    >think it was discussed in this newgroup.




    The Patch is dated 16 the July
    Robert Mathews, Aug 13, 2003
    #7
  8. Invisible

    Matt B Guest

    Re: Curious observation

    In news:,
    art <> wrote:
    > On Wed, 13 Aug 2003 20:48:03 +1200, Robert Mathews
    > <> wrote:
    >
    >> On Wed, 13 Aug 2003 20:01:20 +1200, art <> wrote:
    >>
    >>> On Wed, 13 Aug 2003 15:46:22 +1200, "Nathan Mercer"
    >>> <nathan@4757979!!!SPAMSUCKS****mcs.co.nz> wrote:
    >>>
    >>>>
    >>>> "Robert Mathews" <do_you_masturbate@too_much.com.org.qq> wrote in
    >>>> message news:bhc05a$4g1$...
    >>>>> Invisible wrote:
    >>>>>> There's some real experts on there, LOL
    >>>>>
    >>>>> How come Microsoft have gone big on media coverage to get the
    >>>>> message across for this worm ?
    >>>>
    >>>> Microsoft went out there proactively before the worm hit, to
    >>>> suggest to people that their machines should be patched. That was
    >>>> almost 3 weeks ago.
    >>>>
    >>>>> The payload is a DOS on windowsupdate.com after Aug 15 ( source:
    >>>>> www.computerworld.co.nz).
    >>>>
    >>>> How do you know that is the 'only' payload this worm drops on your
    >>>> machine?
    >>>>
    >>>
    >>> Really? I hadn't heard of it until a couple of days ago, and I don't
    >>> think it was discussed in this newgroup.

    >>
    >>
    >>
    >> The Patch is dated 16 the July
    >>

    >
    > I saw that, but it wasn't really publicised until today when the
    > problems occurred on a big scale.


    You mean, "publicised" as in like, the media?
    Mate, if you're gonna wait until you read about it or hear it on the news...
    Hope you're not in IT and if you are, glad I'm not one of your lusers...

    --
    Regards,

    Matt B
    ~~~~~~~~~~~~~~~~~~~~~~
    There are 10 types of people.
    Those who get binary...
    And those who don't.
    ~~~~~~~~~~~~~~~~~~~~~~
    Matt B, Aug 13, 2003
    #8
  9. Re: Curious observation

    > Microsoft went out there proactively before the worm hit, to suggest
    > to people that their machines should be patched. That was almost 3
    > weeks ago.


    True. I had updated my machine when the firt warning came out, so no
    problems for me.

    However, this is the FIRST time Microsoft have actively pursued the media
    for interviews and comments about a situation like this.

    Either a worm, or virus, the point about users having problems and here's a
    patch to fix it is the message sent by MS.

    Where was Microsoft when Code Red, Melissa, blah blah blah virus's were
    running around ?

    Is it only because MS this time are the eventual target for the worm ?

    > How do you know that is the 'only' payload this worm drops on your
    > machine?


    I'm relying on the media to inform me of this, which according to
    Computerworld, stated this was the payload.

    To put that into the correct perspective, I'm also relying on the Microsoft
    patch on my Microsoft purchased product to prevent this from happening.
    Robert Mathews, Aug 13, 2003
    #9
  10. Invisible

    lily Guest

    Re: Curious observation

    Nathan Mercer wrote:



    >
    > Does this information come from a trustworthy source? How can they truely
    > know what has exactly happened to the machine in question that has been
    > comprimised. Think about it this way: If you've been hacked with this worm,
    > your PC isn't your PC anymore. You've been comprimised, with root
    > administrator level access and a remote shell open to your machine. I would
    > be fdisking, formatting and reinstalling. Then I know my PC is my PC again.
    >

    Until the next exploit.
    How are you going to sell all of this fdisking formatting and
    reinstalling to the punters that have been convinced that all they will
    ever need is system restore and a recovery partition or disk and that
    they will never be affected by the product activation features of XP
    Or do you expect that they will just throw their PCs away and buy new ones.
    lily, Aug 14, 2003
    #10
  11. Re: Curious observation

    On Wed, 13 Aug 2003 15:46:22 +1200, Nathan Mercer wrote:


    > Microsoft went out there proactively before the worm hit, to suggest to
    > people that their machines should be patched. That was almost 3 weeks
    > ago.


    People are reluctant to accept the draconian alterations to the original
    license agreement which installing service packs and patches requires they
    agree to.

    With good reason.


    That's on top of the average home modem user not having the time to spend
    12-16 hours downloading updates after installing the OS.
    Uncle StoatWarbler, Aug 14, 2003
    #11
  12. Invisible

    Bret Guest

    Re: Curious observation

    On Thu, 14 Aug 2003 10:32:48 +1200, "Nathan Mercer"
    <nathan@4757979!!!SPAMSUCKS****mcs.co.nz> wrote:

    >"Robert Mathews" <do_you_masturbate@too_much.com.org.qq> wrote in message
    >news:bheal9$5o9$...


    <Snip>

    >> To put that into the correct perspective, I'm also relying on the

    >Microsoft
    >> patch on my Microsoft purchased product to prevent this from happening.

    >
    >Which it does 100%, if you're patched with MS03-26 you are safe from this
    >vulnerability and the "blaster" worm.
    >

    Unless you haven't installed SP1, as I understand it is a prerequisite
    for the patch.
    Bret, Aug 14, 2003
    #12
  13. Invisible

    AD. Guest

    Re: Curious observation

    On Thu, 14 Aug 2003 11:31:24 +1200, Robert Mathews wrote:

    > However the fix
    > hadn't received a high profile in the media, merely the results of failing
    > to fix. Ahh, if only as much effort had gone into informing people - rather
    > than being the ambulance at the bottom of the cliff.


    I don't know where you've been the last few weeks, but that vulnerability
    has had more publicity pre-exploit than any other one I can remember. You
    even had the dept of homeland security in the US issue two warnings about
    it.

    If every other software vulnerability got that much press, there'd be no
    room for anything else in the IT press. Would you complain that the
    insurance companies hadn't warned you enough times about getting round to
    organising insurance before your new house burnt down?

    Nobody patched or not would've been hit by that vulnerability if they had
    the absolute minimum protection required for putting machines on the
    internet - ie not offering port 135.

    I can be a harsh critic of MS, but in this case I can't think of what else
    they could've done.

    Cheers
    Anton
    AD., Aug 14, 2003
    #13
  14. Re: Curious observation

    "Bret" <> wrote in message
    news:...
    > On Thu, 14 Aug 2003 10:32:48 +1200, "Nathan Mercer"
    > <nathan@4757979!!!SPAMSUCKS****mcs.co.nz> wrote:
    >
    > >"Robert Mathews" <do_you_masturbate@too_much.com.org.qq> wrote in message
    > >news:bheal9$5o9$...

    >
    > <Snip>
    >
    > >> To put that into the correct perspective, I'm also relying on the

    > >Microsoft
    > >> patch on my Microsoft purchased product to prevent this from happening.

    > >
    > >Which it does 100%, if you're patched with MS03-26 you are safe from this
    > >vulnerability and the "blaster" worm.
    > >

    > Unless you haven't installed SP1, as I understand it is a prerequisite
    > for the patch.
    >


    the patch installs OK without any SP's.
    I've never used service packs and have no probs.

    Russell
    Russell Smithies, Aug 14, 2003
    #14
  15. Invisible

    Bret Guest

    Re: Curious observation

    On Thu, 14 Aug 2003 17:59:17 +1200, "Russell Smithies"
    <> wrote:

    >
    >"Bret" <> wrote in message
    >news:...
    >> On Thu, 14 Aug 2003 10:32:48 +1200, "Nathan Mercer"
    >> <nathan@4757979!!!SPAMSUCKS****mcs.co.nz> wrote:
    >>
    >> >"Robert Mathews" <do_you_masturbate@too_much.com.org.qq> wrote in message
    >> >news:bheal9$5o9$...

    >>
    >> <Snip>
    >>
    >> >> To put that into the correct perspective, I'm also relying on the
    >> >Microsoft
    >> >> patch on my Microsoft purchased product to prevent this from happening.
    >> >
    >> >Which it does 100%, if you're patched with MS03-26 you are safe from this
    >> >vulnerability and the "blaster" worm.
    >> >

    >> Unless you haven't installed SP1, as I understand it is a prerequisite
    >> for the patch.
    >>

    >
    >the patch installs OK without any SP's.
    >I've never used service packs and have no probs.
    >

    Thanks Russell, I read this,

    The patch for Windows XP can be installed on systems running Windows
    XP Gold or Service Pack 1.

    Here

    http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp
    Bret, Aug 14, 2003
    #15
  16. Invisible

    SteveM Guest

    Re: Curious observation

    Bret <> wrote in
    news::

    > On Thu, 14 Aug 2003 17:59:17 +1200, "Russell Smithies"
    > <> wrote:
    >
    >>
    >>"Bret" <> wrote in message
    >>news:...
    >>> On Thu, 14 Aug 2003 10:32:48 +1200, "Nathan Mercer"
    >>> <nathan@4757979!!!SPAMSUCKS****mcs.co.nz> wrote:
    >>>
    >>> >"Robert Mathews" <do_you_masturbate@too_much.com.org.qq> wrote in
    >>> >message news:bheal9$5o9$...
    >>>
    >>> <Snip>
    >>>
    >>> >> To put that into the correct perspective, I'm also relying on the
    >>> >Microsoft
    >>> >> patch on my Microsoft purchased product to prevent this from
    >>> >> happening.
    >>> >
    >>> >Which it does 100%, if you're patched with MS03-26 you are safe
    >>> >from this vulnerability and the "blaster" worm.
    >>> >
    >>> Unless you haven't installed SP1, as I understand it is a
    >>> prerequisite for the patch.
    >>>

    >>
    >>the patch installs OK without any SP's.
    >>I've never used service packs and have no probs.
    >>

    > Thanks Russell, I read this,
    >
    > The patch for Windows XP can be installed on systems running Windows
    > XP Gold or Service Pack 1.
    >
    > Here
    >
    > http://www.microsoft.com/technet/treeview/?url=/technet/security/bullet
    > in/MS03-026.asp
    >


    Will not install on Win2k without SP2 though!

    SteveM
    SteveM, Aug 14, 2003
    #16
  17. Invisible

    Enkidu Guest

    Re: Curious observation

    On Wed, 13 Aug 2003 16:28:45 +1200, "Howard" <>
    wrote:

    >Nicholas Sherlock wrote:
    >
    >> Plus, it leaves your computer wide open by allowing a remote CMD
    >> session on port 4444.

    >
    >Thanks interesting. Does it mean that I can own any PC that's attacking me
    >by telneting to the IP on that port?
    >

    Yes.
    >
    >Perhaps I could access the PC, clean it, update the patch, and change the
    >wallpaper to tell the user what an idiot he is. Crime Amendment Act No 6
    >notwithstanding, of course.
    >

    Well, unless you do some nifty scripting, it won't work. You only have
    the command line.

    Cheers,

    Cliff
    --

    Signed and sealed with Great Seal of the Executive
    Council of the Internet, by The Master of The Net.
    Enkidu, Aug 15, 2003
    #17
  18. Re: Curious observation

    On Fri, 15 Aug 2003 23:40:57 +1200, Enkidu wrote:

    > Well, unless you do some nifty scripting, it won't work. You only have the
    > command line.


    ren win.exe lose.exe
    reboot now
    Uncle StoatWarbler, Aug 15, 2003
    #18
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dean Stepper

    talkback.exe

    Dean Stepper, Feb 25, 2005, in forum: Firefox
    Replies:
    2
    Views:
    1,510
    Dean A. Stepper
    Feb 25, 2005
  2. Sonja

    MSBlaster !!!!!

    Sonja, Aug 14, 2003, in forum: Computer Support
    Replies:
    3
    Views:
    567
    Jérémie
    Aug 15, 2003
  3. alexandrew

    msblaster.exe Virus

    alexandrew, Aug 20, 2003, in forum: Computer Support
    Replies:
    10
    Views:
    807
    Boomer
    Aug 21, 2003
  4. Magen

    File associated with msblaster?

    Magen, Aug 20, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    406
    Sebby
    Aug 20, 2003
  5. Black Tractor

    HELP!!suspect my laptop infected by "MSBlaster"

    Black Tractor, Jan 31, 2005, in forum: Computer Support
    Replies:
    10
    Views:
    709
    Governor Swill
    Feb 2, 2005
Loading...

Share This Page