The "MS Blaster" computer worm is turning up the heat for cable operators’
customer-care centers Tuesday as it spreads across the Internet grid.
The worm -- which targets computers running Microsoft Corp.’s Windows 2000 or
Windows XP operating systems -- prompts infected computers to reboot
spontaneously.
While it is not having the damaging impact on the Internet infrastructure of
previous works, such as "Slammer," it is bedeviling home-computer users who
didn’t download a Microsoft software patch issued earlier this summer.
The worm apparently forces infected computers to fire off a slew of data to
Microsoft’s "Windows Update" service in an attempt to overwhelm and shut down
the site’s servers. That, in turn, has slowed or blocked users’ attempts to
download the necessary patch.
Particularly vulnerable are computers with always-on broadband connections,
including cable-modem customers, given the fact that the virus is spreading via
the Internet connection itself, rather than via electronic mail.
Comcast Corp. has seen a flood of calls to its customer-care centers from
users.
"We know people are infected," Comcast spokeswoman Sarah Eder said. "The
thing is that it is hard to educate people because the way the worm works, it
comes into your Microsoft operating system and then starts rebooting your
computer every 45 seconds. So that means you cannot maintain connectivity to go
get the patch."
Comcast is advising customers to start their computers in safe mode and clean
the worm’s infecting execution file from their hard drives, then download the
patch.
Since the worm would also prevent effective e-mail alerts from Comcast to
customers, Eder said the MSO is turning to public-relations outlets to try to
get the word out.
Comcast technicians are also working to block the router port the worm is
using to enter computers in an effort to slow its spread.
Similarly, Cox Communications Inc. technicians had already been working on a
port filter to block the worm before it hit Monday, and the MSO has taken in a
significant number of calls since then.
The volume appeared to have dropped Tuesday, and Cox has
added troubleshooting links to its Web site (www.cox.com
), according to spokeswoman
Laura Oberhelman. Customer-care representatives have been doling out information
to customers who can’t bring up their infected computers, she
added.
