The W32/Blaster worm carries a Denial of Service payload, attacking the windowsupdate.com website starting on the 16th August 2003. The payload has been extraordinarily effective before it even sent a single packet because Microsoft has announced it has withdrawn the targeted site, permanently! Sean Sundwall, a spokesman for Microsoft said: "One strategy for cushioning the blow was to extinguish Windowsupdate.com. We have no plans to ever restore that to be an active site." Microsoft users can still update their systems by visiting http://windowsupdate.microsoft.com or http://www.microsoft.com.
"(Microsoft) figured out - quite correctly - that no web server could survive under the attack load generated by tens of thousands of infected computers. So Microsoft simply disconnected this server from the web and removed its name from domain name systems," explains Mikko Hypponen, Director of Anti-Virus Research at F-Secure Corporation. "Windowsupdate.com will probably never return. So in this sense, the worm accomplished what it wanted: windowsupdate.com is no more."
The possibility that the high volume of traffic for windowsupdate.com would overload switches and routes at ISPs around the world was very real, but, because the site no longer exists, the worm will not send the traffic.