We are independent & ad-supported. We may earn a commission for purchases made through our links.

Advertiser Disclosure

Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.

How We Make Money

We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently from our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.

What is the Blaster Worm?

By Jeremy Laukkonen
Updated May 16, 2024
Our promise to you
EasyTechJunkie is dedicated to creating trustworthy, high-quality content that always prioritizes transparency, integrity, and inclusivity above all else. Our ensure that our content creation and review process includes rigorous fact-checking, evidence-based, and continual updates to ensure accuracy and reliability.

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

Editorial Standards

At EasyTechJunkie, we are committed to creating content that you can trust. Our editorial process is designed to ensure that every piece of content we publish is accurate, reliable, and informative.

Our team of experienced writers and editors follows a strict set of guidelines to ensure the highest quality content. We conduct thorough research, fact-check all information, and rely on credible sources to back up our claims. Our content is reviewed by subject matter experts to ensure accuracy and clarity.

We believe in transparency and maintain editorial independence from our advertisers. Our team does not receive direct compensation from advertisers, allowing us to create unbiased content that prioritizes your interests.

The blaster worm was a malware computer program that first propagated over the Internet in 2003. Within a few days of its appearance in early August of 2003, the worm had infected several hundred thousand Windows-based computers. The blaster worm was not a zero day attack, as it exploited a security hole that had actually been patched in July of that year. Computers that already had the patch were not vulnerable, and those that could successfully download it were then protected from further exploitation. One of the functions that the blaster worm carried out was to use infected computers in a series of distributed denial of service (DDoS) attacks on the servers responsible for providing the security patches.

In July of 2003, Microsoft® released a security patch relating to the distributed component object model (DCOM) remote procedure call (RPC) protocol. Hacker groups were able to reverse engineer the patch to discover and then exploit the vulnerability it was meant to fix. They designed a worm using a file called MSblast.exe, which is where the name blaster comes from.

The blaster worm was designed to propagate directly through the Internet, and did not require a user to download a file or open an attachment. Once a computer was infected, the worm would contact a large number of Internet protocol (IP) addresses on port 135. If a vulnerable Windows XP® machine was contacted in this manner, the worm could replicate itself and then repeat the process.

One consequence of blaster worm infection was participation in a timed DDoS attack. Each infected computer was set to direct a large amount of traffic at the servers responsible for distributing patches. These attacks depended on the local clock of the infected computer, resulting in a continuous wave of excess traffic directed at the servers. This strategy prompted eventual changes to the way these update systems work, so that critical patches would remain available in the face of future attacks.

Once the nature of the infection was discovered, many Internet service providers (ISPs) began to block traffic on port 135. This effectively stopped the propagation of the worm across these ISPs, though a large number of machines had already been infected. As cleanup operations began, a number of variants began to appear. Of these variants, one used the same exploits to attempt a forced patch of the problem. This has been referred to as a helpful worm, despite the fact that it resulted in a number of problems of its own.

EasyTechJunkie is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.

Discussion Comments

EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.

EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.