A new worm / virus by the name of W32.WELCHIA.WORM has been identified as a security issue for customer's running the following Microsoft Windows Operating Systems:
Microsoft Windows NT 4.0
Microsoft Windows 2000
Microsoft Windows XP
Microsoft IIS (Internet
Information Server)
If your computer is infected
with the W32.WELCHIA.WORM, it may do the following to your system:
Attempt to download the
DCOM RPC patch from Microsoft's Windows Update Web Site, install it, and
then reboot the computer.
Check for active machines
to infect by sending an ICMP echo request, or PING, which will result in
increased ICMP traffic.
Attempt to remove W32.Blaster.Worm.
If this worm already
exists within your computer, please visit Symantec's
web site for information on how to remove this worm from your system.
To help protect your computer against this and other worms and viruses, Microsoft recommends applying the following patches, which can be obtained from the Microsoft Web Site:
Microsoft Security Bulletin
MS03-026
Microsoft Security Bulletin
MS03-007
The W32.WELCHIA.WORM
is also known as:
W32/Welchia.worm10240
[AhnLab]
W32/Nachi.worm [McAfee]
WORM_MSBLAST.D [Trend]
Lovsan.D [F-Secure]
W32/Nachi-A [Sophos]
Win32.Nachi.A [CA]
Worm.Win32.Welchia [KAV]
-----------------------------------------------------------
Latest
virus-related threats discovered by Symantec