Peter Ferrie, Frédéric Perriot, Péter Ször
Virus Bulletin, September 2003, pp.10-11
ISSN 0956-9979
September 2003
Download PDF (30.19Kb) (You need to be registered on forum)On 11 August 2003 - the same day it was completed - a 6176-byte-long UPX-compressed bug started to invade the world using a recent vulnerability described in Microsoft's MS03-26 security bulletin. Even Windows Server 2003 was affected by this vulnerability. Patches were made available by Microsoft, but on this occasion there was only a short delay between the announcement of the vulnerability and the appearance of the worm that exploited it.
Users of Windows XP had a chance to get the patch applied automatically via Windows Automatic Updates. However, the same cannot be said for the Windows 2000 platforms, where users would need to pay closer attention to the update procedures.