Bolgimo is a Win32 computer worm, a self-replicating computer program similar to a computer virus, which propagates by attempting to exploit unpatched Windows computers vulnerable to the DCOM RPC Interface Buffer Overrun Vulnerability[1] using TCP port 445 on a network. The worm was discovered on November 10, 2003, and targets Windows NT, 2000 and XP Operating Systems.

If a target computer is successfully infected, the worm will call the user's attention to the fact that the machine is vulnerable, download the patch to the user's desktop and run the patch installer. The worm also attempts to shut down processes linked to other malware known to exploit the same vulnerability, like MSBlaster.[2]

Aliases

Worm.Win32.Bolgi (Kaspersky)
W32/Bolgimo.worm (McAfee)
W32.Bogi.Worm (Symantec)
Worm/Bolgi.A (Avira)
W32/Bolgi-A (Sophos)
Worm:Win32/Bolgimo.A (Microsoft)

References

  1. "Microsoft Security Bulletin MS03-026".
  2. "Symantec W32.Bolgi.Worm".


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.