1. Symantec/
  2. Security Response/
  3. W32.Dinkdink.Worm


Risk Level 1: Very Low

August 18, 2003
February 13, 2007 12:05:02 PM
Systems Affected:

W32.Dinkdink.Worm is a worm that exploits the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. The worm targets only Windows 2000 and Windows XP machines. While Windows NT and Windows 2003 Server machines are vulnerable to the aforementioned exploit if it is not properly patched, the worm is not coded to replicate to those systems.

W32.Dinkdink.Worm uses a two-step procedure to spread itself, using a fixed server from which to download itself. As of this writing, this server does not appear to contain a copy of the worm, it does therefore appear that the worm will no longer spread.

NOTE: Virus definitions dated August 19, 2003 may detect this threat as W32.Blaster.D.

Antivirus Protection Dates

  • Initial Rapid Release version August 19, 2003
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version August 19, 2003
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date August 19, 2003
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Atli Gudmundsson

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube