tsujigiri

The editorial comments of Chris and James, covering the news, science, religion, politics and culture.

"I'd take the awe of understanding over the awe of ignorance any day." -Douglas Adams

Tuesday, August 12, 2003

Hear me, infidels!!! Convert ye now to Linux, or suffer ye great torture at the hands of thy Micro$oft shitware! I am a Linux devotee by far. I am compelled, however, to use Windows for some of my chip design software. Last night I was at home typing some email messages, when my machine suddenly announced that it was shutting down due to some RPC (Remote Procedure Call) nonsense. I yelled at it repeatedly, but it shut down anyway. Then it did it again as soon as I booted up. I didn't know it yet, but I had been hit by the DCOM worm. I'm not used to worrying about that stuff because I always used to be behind a Linux firewall which protected Windows from itself. I called James and told him about my computer mysteriously shutting down. While I was on the phone with him, he got hit by the worm too. His machine shut down as we spoke.

Naturally this worm wouldn't exist if Microsoft software engineers had ever attended a goddamn day of class in college. Basically, newer versions of Windows implement a variety of features which allow remote access. One of the most annoying of these is the Windows Messenger Service, which allows any outsider to immediately create a popup on your screen. GREAT FUCKING FEATURE MICROSOFT! The DCOM problem is much much worse. The RPC functionality in Windows is designed to allow multiple machines to collaborate on computing tasks. Evidently we all get this feature, whether we need it or not. It allows any outsider to hack into a Windows system and run programs on it as if they owned it. The DCOM (Distributed Component Object Model) is part of the RPC system. It was recently discovered that you can confuse the RPC system by sending a nonsense DCOM request. This results in a "buffer overflow" which inadvertently allows the hacker to log into your machine and do all sorts of things. It is one of the easiest exploits ever. Written in the very worm itself is a valid question: "billy gates why do you make this possible? Stop making money and fix your software!" I'm no fan of this worm but I can agree with this.

After my Windows system was rendered useless by the worm, I rebooted into Linux, my refuge. Within an hour of my being infected, the worm showed up on CNN. More information, with links to patches, is on ZDNet, which notes that patches were made available on July 17. The worm was nervously anticipated by security analysts during the past week [Symantec]. I'm just now discussing the Windows Update patches with Aussie Dave. Both of us have experienced "update patches" which totally wreck the machine, so we don't normally install them. Like I said, it isn't really an issue for typical use behind a firewall. C source code for the original DCOM exploit is here. (This program is just a demo, not a worm). D-Shield tracks valuable information about this and other exploits. A "fix" for the worm is supposedly available here, but I haven't tried it yet.
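The "buffer overflow" the post mentions is the general pattern of a handler copying a caller-supplied, caller-sized field into a fixed buffer without checking the size. The C below is an added example written for this page, not code from the post, the worm, or any Microsoft component. Its request layout (a two-byte big-endian length followed by a name field) is a constructed toy format, not the real RPC/DCOM wire format; it shows the unchecked copy next to a handler that validates the declared length against both the bytes actually received and the destination buffer before copying anything.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Toy request layout (constructed for this example; NOT the real DCOM/RPC format):
 *   bytes 0..1 : big-endian length of the name field
 *   bytes 2..  : name bytes (no terminator on the wire)
 */
#define NAME_BUF_SIZE 32

enum parse_result { PARSE_OK = 0, PARSE_TRUNCATED = 1, PARSE_TOO_LONG = 2 };

/* Vulnerable pattern: trusts the declared length and copies it straight into
 * a fixed-size buffer. Shown for contrast only; it is never called here,
 * because a declared length of NAME_BUF_SIZE or more overruns name_out. */
void parse_request_unsafe(const uint8_t *msg, char *name_out)
{
    size_t declared = ((size_t)msg[0] << 8) | msg[1];
    memcpy(name_out, msg + 2, declared);   /* attacker controls the count */
    name_out[declared] = '\0';
}

/* Hardened handler: every length is checked before a single byte is copied.
 * Returns PARSE_TRUNCATED if the header or declared body is missing, and
 * PARSE_TOO_LONG if the field would not fit in name_out with its terminator. */
enum parse_result parse_request_safe(const uint8_t *msg, size_t msg_len,
                                     char *name_out, size_t name_out_size)
{
    if (msg_len < 2)
        return PARSE_TRUNCATED;
    size_t declared = ((size_t)msg[0] << 8) | msg[1];
    if (declared > msg_len - 2)          /* header promises more than arrived */
        return PARSE_TRUNCATED;
    if (declared >= name_out_size)       /* leave room for the NUL */
        return PARSE_TOO_LONG;
    memcpy(name_out, msg + 2, declared);
    name_out[declared] = '\0';
    return PARSE_OK;
}

/* Constructed sample requests. */
static const uint8_t SAMPLE_GOOD[]  = {0x00, 0x05, 'h', 'e', 'l', 'l', 'o'};
static const uint8_t SAMPLE_LIAR[]  = {0xFF, 0xFF, 'h', 'i'};   /* claims 65535 bytes, sends 2 */
static const uint8_t SAMPLE_SHORT[] = {0x00};                   /* header itself is incomplete */

/* Runs the hardened parser on a message and reports the verdict. */
enum parse_result classify(const uint8_t *msg, size_t msg_len)
{
    char name[NAME_BUF_SIZE];
    return parse_request_safe(msg, msg_len, name, sizeof name);
}

/* A well-formed request whose name field (64 bytes) exceeds the buffer. */
enum parse_result long_request_result(void)
{
    uint8_t msg[2 + 64];
    msg[0] = 0x00;
    msg[1] = 64;
    memset(msg + 2, 'A', 64);
    return classify(msg, sizeof msg);
}

/* 1 if the good sample parses to exactly "hello", else 0. */
int parsed_name_matches(void)
{
    char name[NAME_BUF_SIZE];
    if (parse_request_safe(SAMPLE_GOOD, sizeof SAMPLE_GOOD, name, sizeof name) != PARSE_OK)
        return 0;
    return strcmp(name, "hello") == 0;
}

int main(void)
{
    printf("good   -> %d\n", classify(SAMPLE_GOOD, sizeof SAMPLE_GOOD));
    printf("liar   -> %d\n", classify(SAMPLE_LIAR, sizeof SAMPLE_LIAR));
    printf("short  -> %d\n", classify(SAMPLE_SHORT, sizeof SAMPLE_SHORT));
    printf("long   -> %d\n", long_request_result());
    printf("name ok -> %d\n", parsed_name_matches());
    return 0;
}
```

The design point is that the length in the header is data from the peer, not a fact: the safe handler compares it to what was actually received (catching a header that lies) and to the destination size (catching a legitimate-looking field that is simply too big), and refuses the request on either failure instead of copying and hoping.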
