Mon Aug 11 13:58:30 PDT 2003 — Blaster worm. A new Internet worm, called “blaster”, is currently spreading throughout the Internet. Information about this worm can be found at:
www.sarc.com/avcenter/venc/data/w32.blaster.worm.html
The worm is designed to exploit a known DCOM RPC vulnerability using TCP port 135. This is a vulnerability affecting computers running Microsoft Windows. Information about the vulnerability can be found at:
www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp The recommended action is for all users of all versions of MS Windows to Update their software as soon as possible. We have had reports that users of Windows XP may experience difficulty in dialing up due to the traffic being generated by this worm’s activity; turning on the Internet Connection Firewall provided with XP should make it possible to dial up.
While Sonic.net is not blocking port 135 at this time, we may find it necessary to do so in the future. If you use applications that require traffic over TCP port 135 you might wish to explore switching to an alternate port. -Chris, Scott, Nathan and Support