Responding to complaints from ISPs who are still detecting abnormal traffic on the Internet, Microsoft has released a tool to ensure that the Blaster worm is removed from infected PCs.

The worm, technically known as W32.Blaster.Worm, exploits the Distributed COM (DCOM) Remote Procedure Call (RPC) vulnerability on Windows XP and Windows 2000 computers, as described in Microsoft Security Bulletin MS03-039.

Installing the patch fixes the vulnerability, but does not remove the Blaster worm, so the computer may continue to generate network traffic as it attempts to locate and infect vulnerable computers.

Customers should use the Microsoft Windows Blaster Worm Removal Tool, or one of the equivalent tools that have been available for some time from antivirus companies, on all computers running Windows XP and 2000 that may have been infected by Blaster. Organizations may also want to tell employees who log on from home to use the tool on their home PCs to avoid reinfecting corporate PCs and to reduce unwanted network traffic.

For the Blaster worm removal tool for Windows XP and 2000 (KB833330), see www.microsoft.com/downloads/details.aspx?FamilyID=e70a0d8b-fe98-493f-ad76-bf673a38b4cf&displaylang=en.

For more information on the Blaster worm removal tool, see support.microsoft.com/?kbid=833330.

For more information on the vulnerability that Blaster exploits, and to get the patch for the vulnerability, see www.microsoft.com/technet/security/bulletin/MS03-039.asp.