Windows Firewall Evolution Since Blaster Worm Attack

Windows Firewall

In 2003, the infamous Blaster worm attack shook the internet. Millions of computers were infected. Thousands of PCs remained infected in the following 2-year period. The reign of the worm can be felt up until this day. Millions of dollars in damages and a frightening amount of PCs infected in a glance of an eye. Windows Firewall was updated immediately, but the damage was done. It was a futile attempt to lick the wounds.

Blaster Worm and Its “Legacy”

Blaster worm is a bizarre beast. It preys on a vulnerability first discovered by a group of coders from Poland. The problem was reported immediately. Sadly, the first version of the worm was already out there. The evil program used the buffer overflow issue in the RPCservice. This was not supposed to be the weakest link.

The Windows RPC service is a mostly secure remote access tool. It works quite well and usually does not have any stability or security issues. Most versions of the RPCservice do not show such weaknesses. The issue was with the version created for Windows XP, 2000, and NT 4.0.

Later studies showed that XP was the most vulnerable. However, the code and security measures implemented in XP were not to be blamed. The worm simply had a bias towards XP during the process of selecting the next target. It would choose a system randomly but with a 60% bias towards XP systems.

The initial spread of the virus is violent. It erupts in spikes of activity. Whole networks quickly succumb to the infection once it hits a single PC. The Windows RPC service becomes the way to freedom the worm so desperately seeks. After the initial period of activity, the worm enters its stable state. It hides across networks on several PCs.

Why Windows Firewall Fails

One of the safest bets against the worm is to entirely prohibit any changes that can be done to your PC from a remote location. This is also the first and foremost advice that Microsoft Support will give you. You will receive all necessary Windows Firewall settings to avoid a possible infection.

Windows Firewall settings should be changed according to recommendations from the support team of the Microsoft corporation. You must be cautious if you have an older OS such as XP or 2000.

The installation of the latest security patch is heavily recommended. You will need to get an 823980 or an 824146 patch to protect your machine from cyber-attacks.

All these measures do not protect you completely. You won’t get a 100% impenetrable wall between you and the attacker. All your efforts will be futile if a hacker wants to get easy access to your outdated OS. Even fresher versions of Windows may be easily hacked with enough dedication and persistence.

Regardless of what Windows Firewall Settings you use, there will be vulnerabilities and holes in your defense.

It sounds like a bleak scenario, but a way out exists. Instead of activating a firewall, you could use a protected VPN-connection. This will hide your PC from possible attackers and may completely conceal you from malicious attacks. The worm will never know the true identity of your PC and its internet “address”.

Threats like the infamous Blaster made VPN service providers as vital as they are. You cannot rely only on the means of protection that Microsoft decided to arm you with. Getting a reliable VPN provider is the best line of defense against the dangers of the internet.

The Main Takeaway

The Blaster virus exposed some of critical holes in the software produced by Microsoft. The Windows and its firewall improved immensely. Sadly, the results are still lacking, and VPN is the only truly safe way to browse the internet up to date.