August 18, 2003
mblaster
whoa. WHOA. There's a new bug that utilizes the SAME exploits as the w32.blaster worm (the big worm that took down everybody last week).
Now here's the trippy part: this bug goes to windowsupdate.com and downloads the MS patch that CLOSES the RPC-DOM vulnerability that is responsible for the spread of the virus in the first place. It's the equivalent to a white blood cell!
I can't believe nobody thought of this earlier ... what an amazing concept. You use a virus to combat a virus ... and since they're infecting through the same methods, they would grow at the same rate (in theory).
Of course, there's the whole issue of bandwidth problems with tons of pings going out, but that's a small price to pay for those unsavvy people who don't know to download patches to fix their problems.
What would be even trippier would be if the virus somehow "piggybacked" on the original virus, sending information about where the the virus is being spread and closing the computers and removing the virus from infected computers. The information that it was sent to could be used to quickly figure out the main sources of infection, perhaps assisting the Feds in locating the original source. Furthermore, since the "white virus" itself would close and delete the "black virus" infected computers, there would be no need for the "white virus" to spread through pinging computers.
Then again, this isn't really a preventive measure, but it'd still be rather interesting.
Now here's the trippy part: this bug goes to windowsupdate.com and downloads the MS patch that CLOSES the RPC-DOM vulnerability that is responsible for the spread of the virus in the first place. It's the equivalent to a white blood cell!
I can't believe nobody thought of this earlier ... what an amazing concept. You use a virus to combat a virus ... and since they're infecting through the same methods, they would grow at the same rate (in theory).
Of course, there's the whole issue of bandwidth problems with tons of pings going out, but that's a small price to pay for those unsavvy people who don't know to download patches to fix their problems.
What would be even trippier would be if the virus somehow "piggybacked" on the original virus, sending information about where the the virus is being spread and closing the computers and removing the virus from infected computers. The information that it was sent to could be used to quickly figure out the main sources of infection, perhaps assisting the Feds in locating the original source. Furthermore, since the "white virus" itself would close and delete the "black virus" infected computers, there would be no need for the "white virus" to spread through pinging computers.
Then again, this isn't really a preventive measure, but it'd still be rather interesting.
Posted by roy on August 18, 2003 at 11:30 AM | 1 Comments
Comment with Facebook
Want to comment with Tabulas?. Please login.
dwooillk