The Microsoft corporation announced a security vulnerability in its Windows Operating Systems (OS) that allows attacks by the W32.Blaster.Worm in these products:
This security vulnerability is in a Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface.
If your machine is not infected with the virus, prevent the virus from infecting your machine by performing one of these options:
After applying the patch, check for this registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run< "windows auto update"="msblast.exe"
"windows auto update"="msblast.exe"
If this registry key is present, your system is probably already infected.
If your machine is infected, these upgrades will not remove the virus, and you need to perform these steps before you apply the Microsoft patch:
Note: Norton is supported only for the Cisco CallManager application.
If your system is infected and does not have Norton or McAfee on the system, you can run Stinger v1.8.0., the stand alone virus removal tool.
For more information, refer to these documents: