[Dshield] Message from M$

Micheal Patterson micheal at cancercare.net
Mon Aug 18 00:44:46 GMT 2003

Did anyone else by chance get one of these?

My personal thoughts on all of this.

1. They had a bug. A very serious one at that.

2. Many systems, even patched ones, fell victom to it.

3. There was a "coincidental blackout across the east coast of the US.
Causing major financial loss.

4. We now have a Home Land Security Office that is directly responsible for
the security of the country and they acted upon ISP's to limit the spread of
this latest exploit.

5. Now MS sends a letter telling people how to patch against this one and
how safe they are if they've applied the patch and how they're striving to
provide all and any available information on this exploit, and any other
"worms and virus's that occur".

You ever get the feeling that someone might have sent Guido to see Billy and
to tell him to clean his act up?


Micheal Patterson
Network Administration
Cancer Care Network


<0_51186_46505D2A-ADF9-460D-AA3F-20924E8F8343_US at Newsletters.Microsoft.com>
Received: (from root at localhost)
 by mail.cancercare.net (8.12.8/8.12.4) id h7GHdUB3086951
 for support at cancercare.net; Sat, 16 Aug 2003 12:39:30 -0500 (CDT)
0_51186_46505D2A-ADF9-460D-AA3F-20924E8F8343_US at Newsletters.Microsoft.com)
Received: from delivery.pens.microsoft.com (delivery.pens.microsoft.com
 by mail.cancercare.net (8.12.8/8.12.4) with ESMTP id h7GHdRMH086943
 for <support at cancercare.net>; Sat, 16 Aug 2003 12:39:27 -0500 (CDT)
0_51186_46505D2A-ADF9-460D-AA3F-20924E8F8343_US at Newsletters.Microsoft.com)
Received: from TK2MSFTDDSQ01 ([]) by delivery.pens.microsoft.com
with Microsoft SMTPSVC(6.0.3790.0);
  Sat, 16 Aug 2003 10:39:22 -0700
Reply-To: <3_51186_46505D2A-ADF9-460D-AA3F-20924E8F
From: "Microsoft"
<0_51186_46505D2A-ADF9-460D-AA3F-20924E8F8343_US at Newsletters.Microsoft.com>
To: <support at cancercare.net>
Subject: IMPORTANT SECURITY ANNOUNCEMENT - for Windows Users re: Blaster
Date: Sat, 16 Aug 2003 10:39:22 -0700
Message-ID: <211c3d01c3641d$53e372b0$4101280a at phx.gbl>
MIME-Version: 1.0
Content-Type: text/plain;
X-Mailer: Microsoft CDO for Windows 2000
Thread-Index: AcNkHUHnNwMcoJzXRlCtkh4ZrQ9m8g==
Content-Class: urn:content-classes:message
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
X-OriginalArrivalTime: 16 Aug 2003 17:39:22.0049 (UTC)
X-Virus-Scanned: by AMaViS 0.3.12
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by mail.cancercare.net
id h7GHdUB3086951
X-UIDL: 4l)"!5KR"!)P>!!oj5"!
Status: RO

This e-mail message is being sent to you by Microsoft Corporation. To verify
the authenticity of this e-mail message, please visit:

Dear Microsoft Customer,

On August 11, 2003, Microsoft began investigating a report of a worm, known
as W32.Blaster.Worm, that exploits the vulnerability addressed by Microsoft
Security Bulletin MS03-026. Microsoft released this critical security
bulletin and corresponding patch for Windows operating systems on July 16,
2003. While some customers may not notice the presence of the worm infection
at all on their computer systems, typical symptoms may include Windows XP
and Windows Server 2003 systems rebooting every few minutes without user
input or Windows NT4 and Windows 2000 systems becoming unresponsive.

If you applied security patch MS03-026 prior to the discovery of the Blaster
worm, your system is secure from the vulnerability that W32.Blaster is
using. For the most current information on determining if your systems are
infected and how to recover from the infection, please go to the following
Web site and perform the prescribed steps:
http://go.microsoft.com/?linkid=222099. This site will be updated as more
information regarding the W32.blaster worm becomes available.

Our goal is to provide you with the information and tools you need to help
run your company safely and reliably. When we become aware of these types of
vulnerabilities, it is our goal to share protection and remediation
information with you as quickly as is possible. In order to help protect
your computing environment from security vulnerabilities, we encourage you
to use the Windows Update service by going to
http://go.microsoft.com/?linkid=222100 and also subscribe to Microsoft's
security notification service at http://go.microsoft.com/?linkid=222101. By
using these two services you will automatically receive information on the
latest software updates and the latest security notifications, thereby
improving the likelihood that your computing environment will be safe from
the worms and viruses that occur.

Thank you,

Microsoft Corporation

For information about Microsoft's privacy policies, please go to

More information about the list mailing list