Hosting Provided By

Re: Blaster vs. Kaht2

From: Micheal Patterson <micheal(at)cancercare.net>
Date: Wed Aug 13 2003 - 11:19:54 EDT

Original Message ----- From: "Amer Karim" <amerk@telus.net> To: "Focus on Microsoft Mailing List" <FOCUS-MS@securityfocus.com> Sent: Tuesday, August 12, 2003 4:44 PM Subject: FW: Blaster vs. Kaht2

> Sorry - sent that to Marc off-list by mistake. Meant to post it to the
the
> Symantec site.

I'm trying to get information as well on the symptoms of the kaht2. I have systems that were at current patch level, scanned clean with current norton av, the DCOM patches were manually applied as opposed to windows update, system reboots clean. Scans clean, shows no signs of infection. Reboot again, and the control panel applet shows all icons in a left hand frame and the fonts are mangled in add-remove programs. I've got 8 systems that have these sysmptoms.

Thanks.

--

Micheal Patterson
TSG Network Administration
405-917-0600



---------------------------------------------------------------------------
Your network firewall and IDS products do not prevent Web application 
attacks - the most common form of online exploitation- resulting in Web 
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web 
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":
http://www.securityfocus.com/Kavado-focus-ms
---------------------------------------------------------------------------

Received on Wed Aug 13 16:47:32 2003

This message: [ Message body ]
Next message: Kim, Cameron: "New variant. Blast.b"
Previous message: Geoff.Shatz(at)pchelps.com: "RE: DCOM Worm"
In reply to: Amer Karim: "FW: Blaster vs. Kaht2"
In reply to Mario Davids: "RE: Blaster vs. Kaht2"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:35 EDT