Archive for Tuesday, August 12, 2003

KU issues alert about MBlast worm

August 12, 2003

Advertisement

Kansas University warned campus computer users Tuesday morning that their computers may likely have been infected by an Internet-borne worm that is rapidly sweeping around the globe.

"The MSBlast Worm, also known as Lovsan, is infecting Windows XP and 2000 systems on campus," a message on the KU Web site said Tuesday.








However, Allison Rose Lopez, external relations coordinator for KU Information Services, said more than 1,000 computers at KU had been "patched" before the worm hit.

"We haven't had a major shutdown. This was an inconvenience, but it was one that we were prepared for," she said.

Lopez explained that on July 17, Microsoft announced there was a hole in the security for its Windows XP and 2000 systems. Since that time, KU technicians have been installing security patches on computers throughout KU buildings.

Technicians were out throughout the campus Tuesday and there was no word how many computers might have not been fixed, Lopez said.

KU's Web site offers a free download of the security patch at http://www.ku.edu/acs/virus/.

KU students and employees can also call 864-0200 to get help if they can't figure out how to install the patch, she said.

According to the Associated Press, the virus-like worm, is also snarling company networks and frustrating home users as it makes its way around the globe.

The infection was part of a coordinated electronic attack that exploited one of the most serious flaws yet discovered in Microsoft Corp.'s Windows operating systems.

The worm was first reported about 2 p.m. Monday in the United States and, while appearing not to delete files or otherwise incur permanent damage, knocked many computers offline. Non-Microsoft systems, such as Apple's OS-X, were not vulnerable.

Computers infected by the worm were programmed to automatically launch an attack Saturday on windowsupdate.com, a Web site Microsoft uses to avail customers of software patches that can prevent such infections.

The infection was dubbed "LovSan" because of a love note left behind on vulnerable computers: "I just want to say LOVE YOU SAN!" Researchers also discovered another message hidden inside the infection that appeared to taunt Microsoft Chairman Bill Gates: "billy gates why do you make this possible? Stop making money and fix your software!"




For more on this story, see the 6News reports at 6 p.m. and 10 p.m. on Sunflower Broadband's Channel 6 and pick up a copy of Wednesday's Journal-World.

Commenting has been disabled for this item.