The W32.Blaster.Worm is a worm that exploits the DCOM RPC (remote procedure call) vulnerability by using TCP port 135, as described in Microsoft Security Bulletin MS03-026.
Some customers whose computers have been infected may not notice the presence of the worm. However, others whose computers are not infected may experience problems because the worm is attempting to attack their computers. Typical symptoms may include the computer restarting every few minutes without user input, becoming unresponsive, or displaying an unexpected System Shutdown message.
The worm targets only the following products:
- Microsoft Windows NT® 4.0
- Microsoft Windows® 2000
- Microsoft Windows XP
- Microsoft Windows Server™ 2003
For more information about the Blaster Worm and how to protect your computer, see What You Should Know About the Blaster Worm and Its Variants.