Note: This patch closes the security vulnerability exploited by the Blaster worm. eMachines STRONGLY
RECOMMENDS that you apply this patch as soon as possible to avoid becoming infected by this worm. More
information on this worm is available below.
Microsoft has released a patch eliminating a "buffer overrun" vulnerability in Windows Remote Procedure Call
(RPC). RPC is a protocol that a program can use to request a service from a program located on another computer in a network.
An attacker who successfully exploited this vulnerability could gain complete control over a remote computer. After applying
this patch, affected computers will no longer be susceptible to this vulnerability.
Note: After this Fixlet has run the patch closing this vulnerability, it will run a tool that will remove
the Blaster worm from your computer if you have already been infected. After this tool has been run, it will ask you
if you want information about the RPC patch from Microsoft. You don't need to install this patch again, as it will already
be installed, but it will not hurt you if you do reinstall it.
Note: In order to ensure that the Blaster worm is not accidentally reintroduced to your system, you need
to disable System Restore to any remove previous restore points. You may do so by following these steps:
- Click on the START button.
- Click on ALL PROGRAMS.
- Click on ACCESSORIES.
- Click on SYSTEM TOOLS.
- Click on SYSTEM RESTORE.
- Click on SYSTEM RESTORE SETTINGS (on the left side of the Window).
- Check the box next to "Turn off System Restore".
- Click on the APPLY button.
- A message will appear asking if you are sure. Please click on the YES button.
- Now uncheck the box next to "Turn off System Restore". This will remove previous restore points that
might be infected with the virus.
- Click on the OK button.
Note: After you run this Fixlet message, you must restart your computer for the vulnerability to be
Note: If after you restart your computer, the Fixlet message is still relevant, it may mean you have been
reinfected right after you removed the worm. If this happens, run the Fixlet message again and restart your computer
again. This time, you should be protected from reinfection.