---
title: W32.Blaster.Worm
date: 2003-08-12 22:56:44
permalink: https://lesterchan.net/blog/2003/08/12/w32blasterworm/
author: Lester Chan
categories:
  - Software
---

Lots of people have been infected by the **W32.Blaster.Worm**. It is a worm that will exploit the DCOM RPC vulnerability using TCP port 135. It will attempt to download and run a file, msblast.exe.

> **»** Infection Length: 6,176 bytes  
>  **»** Systems Affected: Microsoft IIS, Windows 2000, Windows NT, Windows XP  
>  **»** Systems Not Affected: Linux, Macintosh, OS/2, UNIX

Basically, what the virus does is it will auto restart your Windows after a certain time.

Fixes:

> **»** Symantec Security Response – W32.Blaster.Worm Information (Removal)  
>  **»** Microsoft Security Bulletin (Patch)

It is recommended that all users get this fixed as soon as possible.

**\*Update\*** I have mirrored the Microsoft patch on this server. If it is illegal inform me and I will remove it immediately.

> **»** WinXP English Patch  
>  **»** Win2K English Patch

**\*Disclaimer\*** Download at your own risk, I will not hold any responsibility if there is anything wrong with your computer after installing it.