Internet Virus Alert: Central Command Warns Of New RPC Computer Worm Named Worm/Lovsan.A

New Internet worm exploiting the known RPC Buffer Overrun vulnerability gains momentum

MEDINA, Ohio August 11, 2003 – Central Command, a leading provider of PC anti-virus software and services, today warns Internet users of Worm/Lovsan.A, an Internet worm circulating worldwide. Discovered on August 11, 2003, Worm/Lovsan.A, attempts to use the RPC Buffer Overrun vulnerability (a security hole) within un-patched Microsoft Windows NT, Windows 2000, Windows XP and Microsoft Windows serverâ„? 2003 operating systems. This Internet worm does not affect Linux, Unix and Apple users.

Worm/Lovsan.A is an Internet worm that exploits known security vulnerability in Microsoft’s Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface. This security breach allows someone with malicious intent to run code of his or her choice. TCP port directly affected by this exploit includes: 135.

Worm/Lovsan.A will download and run the file msblast.exe using the Trivial File Transfer Protocol (Tftp).

“Unfortunately, un-patched systems are again proving to be a vector for fast spreading Internet based worms. Updating antivirus software and patching systems against the latest exploits and vulnerabilities should become standard habit,” said Steven Sundermeier, Vice President of Products and Services at Central Command, Inc. “A properly patched system would prevent someone with malicious intent from successfully gaining control over a compromised computer under the scope of this vulnerability.”

A detailed analysis can be found at (

A patch has been available for since July 2003. More information about this vulnerability can be found in Microsoft Security Bulletin MS03-026.

Vexira Antivirus starts at $39.95, and a free 30-day trial version may be downloaded from here or obtained by contacting Central Command at +1-330 723-2062.

About Central Command: A leader in the anti-virus industry, Central Command, Inc., a privately held company, serves home PC users and industrial, financial, government, education, healthcare and service firms with virus protection software, services, and information. The company services customers in over 98 countries and is headquartered in Medina, Ohio. Visit Central Command online here or call 1-330-723-2062 for more information.

Central Command, EVRT, Vexira, and Emergency Virus Response Team are trademarks of Central Command, Inc. All other trademarks, trade names, and products referenced herein are property of their respective owners.

Don't miss