Icon of program: Microsoft Security Update

Microsoft Security Update for Windows

Download now

Used Microsoft Security Update for Windows?

Clicking on the Download Now (Visit Site) button above will open a connection to a third-party site. Download.com cannot completely ensure the security of the software hosted on third-party sites.

Editors’ Review

Download.com staff
This critical security update addresses the W32.Blaster.Worm. Applying patch MS03-026 is essential to prevent exploitation of a DCOM RPC vulnerability and system reboots.

  • Pros

    • Prevents Blaster Worm infection
    • Protects against DCOM RPC vulnerability
    • Mitigates system reboots
    • Stops unauthorized file execution
    • Enhances system security

  • Cons

    • Does not detect existing infections
    • Requires manual application
    • Does not remove the worm if already present
    • Relies on user action for installation
Icon of program: Microsoft Security Update

Microsoft Security Update for Windows

Download now

Used Microsoft Security Update for Windows?

Explore More

Full Specifications

GENERAL
Release
Latest update
Version
MS03-026
OPERATING SYSTEMS
Platform
Windows
Operating System
  • Windows 2003
  • Windows 10
  • Windows XP
  • Windows 98
  • Windows 2000
Additional Requirements
Windows XP, Windows 2000, Windows Server 2003, Windows NT 4.0, NT 4.0 Terminal Services Edition
POPULARITY
Total Downloads
5,071
Downloads Last Week
1
Report Software

Program available in other languages

Last Updated

Developer’s Description

By Microsoft
Security patch to prevent Blaster Worm virus
The Microsoft Product Support Services Security Team is issuing this alert to inform customers about a new worm named W32.Blaster.Worm which is spreading in the wild. This virus is also known as: W32/Lovsan.worm (McAfee), WORM_MSBLAST.A (Trendmicro), Win32.Posa.Worm (Computer Associates). Best practices, such as applying security patch MS03-026 should prevent infection from this worm.

This worm scans a random IP range to look for vulnerable systems on TCP port 135. The worm attempts to exploit the DCOM RPC vulnerability patched by MS03-026.

Once the Exploit code is sent to a system, it downloads and executes the file MSBLAST.EXE from a remote system via TFTP. Once run, the worm creates the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "windows auto update" = msblast.exe I just want to say LOVE YOU SAN!! bill

Symptoms of the virus: Some customers may not notice any symptoms at all. A typical symptom is the system is rebooting every few minutes without user input. Customers may also see:

  • Presence of unusual TFTP* files
  • Presence of the file msblast.exe in the WINDOWS SYSTEM32 directory

To detect this virus, search for msblast.exe in the WINDOWS SYSTEM32 directory or download the latest anti-virus software signature from your anti-virus vendor and scan your machine.

Download.com
Your review for Microsoft Security Update