homepage Welcome to WebmasterWorld Guest from 54.243.17.133
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

    
New computer virus...
More than 14,000 copies of the virus have been sent to the UK since Monday
Robert Charlton




msg:285805
 2:59 am on Jan 14, 2003 (gmt 0)

If this hasn't been posted yet, there's a new computer virus. Article here. [news.ninemsn.com.au]

The virus is sent under a variety of names which typically come with attachments making identification difficult.

He advised anyone who thinks they might have a message with the virus not to open it but also not to delete it as this activates it and sends the message to any email address it can find on the computer.

The articles don't give it a name... It's reported it comes in a zipped file, and new Norton AV definition files, dated today, include protection for a zipped virus.

 

deejay




msg:285806
 3:14 am on Jan 14, 2003 (gmt 0)

It's Lirva they'll be talking about

More info here at Symantec. [securityresponse.symantec.com...]

It exploits an Iframe vulnerability to activate the virus when you open the email itself - there's info and a link to a patch for the vulnerability at Symantec.

I would doubt, however, that it activates when deleting the email - assuming you mean right clicking in the inbox window and deleting. The same was said of Badtrans & its variants (which had the similar 'open email to auto-activate' problem) - wasn't true then either.

Visit Thailand




msg:285807
 3:28 am on Jan 14, 2003 (gmt 0)

I am amazed by how many people still have there preview panes etc open.

Often they do not realise that the preview pane actually is all the virus needs to be set off.

deejay




msg:285808
 3:36 am on Jan 14, 2003 (gmt 0)

Visit Thailand...tell me about it!

I've just gone round the office and checked machines... two out of ten have preview panes open AGAIN.

Not surprisingly, one of these people is also the same person who let a virus in six months ago. Three years of educating this @hole and he's still doing it.

At this stage I'm thoroughly steamed and ready to throttle him... except he's the bloody owner. :(

Visit Thailand




msg:285809
 3:45 am on Jan 14, 2003 (gmt 0)

lol - the owner - always a problem!

It would be a great add on for MS to have an option where you can disallow preview panes in all folders across an entire network or password protect that option. I know one person who had the preview pane turned off in the inbox but not in the all the other folders!

deejay




msg:285810
 3:50 am on Jan 14, 2003 (gmt 0)

*salivating* I want that option! :)

chiyo




msg:285811
 4:15 am on Jan 14, 2003 (gmt 0)

I guess "preview pane" is a term used within MS Outlook express? Is that analogous to "show Microsoft's viewer" or "use message preview pane" in the Eudora options?

Visit Thailand




msg:285812
 4:21 am on Jan 14, 2003 (gmt 0)

Chiyo am not sure as do not use Eudora, but in Outlook and Outlook Express the preview pane cuts the window in two horizontally and allows you to read the email in the lower half without actually double clicking on it. You just select (one click) the email and that email will show up in the lower screen.

It does not open the attachment but on some of these new viruses that is not needed, you only need to open the email which is basically what preview pane does.

Finder




msg:285813
 5:14 am on Jan 14, 2003 (gmt 0)

Hmm... that's how I read my mail in Eudora. I never understood the idea of two clicks when one will do. Better go update my virus defs. :)

mivox




msg:285814
 5:31 am on Jan 14, 2003 (gmt 0)

>>At this stage I'm thoroughly steamed and ready to throttle him... except he's the bloody owner.

lol - the owner - always a problem!

Hehehe... I still get a giggle when I remember my boss's machine catching a virus and sending me an attachment titled "Me_Nude.pif"

I love having a Mac. I must say I am utterly stunned by the number of Windows viruses I receive through email every week. Amazes me how many people out there have not learned.

amznVibe




msg:285815
 5:32 am on Jan 14, 2003 (gmt 0)

Eudora can turn off the using the microsoft viewer engine and be told not to
download HTML graphics, etc. Outlook has no such option. I just spent an hour
today helping two clients switch from Outlook to Eudora for ease-of-use reasons,
not necessarily virus stuff, but its a nice bonus.

Eudora 5.2 is really powerful, converts EVERYTHING from outlook,
and also check out spamnix plugin for like 95%+ spam removal.

Trisha




msg:285816
 4:24 pm on Jan 14, 2003 (gmt 0)

I used Eudora in graduate school and really liked it, but didn't know there was a version for pc's and thought it was really expensive. I just looked at their site, and I see that it is now free.

So how difficult is it to install, set up and to change from Outlook? I have NT, will that cause any additional difficulties? Will my McAfee virusscan still work? Will I still need it? Are there any problems with using Zone Alarm with it?

Another thing I have never understood about email security -even if I switch to Eudora, or Opera mail or anything non-Outlook, I still have a windows OS. I don't understand why viruses can't still infect my computer. Ones that just send out copies of themselves through Outlook, sure, but what about ones that try to delete files, etc.? Are there still some that need to be watched out for even when not using Outlook?

Mardi_Gras




msg:285817
 4:32 pm on Jan 14, 2003 (gmt 0)

Trisha - you need to be wary of viruses no matter what e-mail client or operating system you are using. But most of the more common e-mail-borne viruses exploit specific weaknesses in Outlook and Outlook Express - if you are not using those programs to view the e-mail, it won't be able to exploit those weaknesses.

There are still lots of other ways to infect a computer, so it pays to be vigilant - use Zone Alarm, a good anti-virus program, etc. But although I use Outlook, I would have to agree that running Eudora with HTML disabled will significantly reduce your chance of being infected with certain (very common) viruses.

By the way - Outlook Express can also be set to ignore HTML.

richlowe




msg:285818
 10:38 pm on Jan 14, 2003 (gmt 0)

If you have your office and system up-to-patch, you won't have a problem with the email preview pane. Don't blame your users for taking advantage of the features of a product on their systems - keep their systems up-to-patch.

Richard Lowe

sun818




msg:285819
 11:04 pm on Jan 14, 2003 (gmt 0)

> use Zone Alarm, a good anti-virus program, etc.

Personally, desktop firewall and anti-virus programs is mostly hype. I might see some value in detecting trojans, but mostly these programs make your computer slow, unstable, and unnecessarily complex. I rather go raw and risk a virus than put up with the above 99.9% of the time.

Mardi_Gras




msg:285820
 11:08 pm on Jan 14, 2003 (gmt 0)

but mostly these programs make your computer slow, unstable, and unnecessarily complex

Wow - we sure have different experiences :)

deejay




msg:285821
 11:18 pm on Jan 14, 2003 (gmt 0)

Richlowe - on nine out of ten machines that is not particularly a problem and I check and patch regularly, but with this one user in particular he also has a habit of blowing the damn machine up regularly through one method or another... necessitating FOUR hard drive formats and reinstall from scratch last year alone. He screws it up so regularly I can't keep up with his patching - half the time I'm not even aware that his machine has been in the shop (these are consultants with laptops attached to their hips... I maintain them when I can get to them).

In two cases the reformat was overkill.. but I run the machines as a sideline to the other 99 things I do here, and frankly I didn't have time to figure out what the hell he'd done... and he's one of those users that won't tell you the truth about what he's done even if he can remember.

About half of my users here fiddle with their machines - company policy be damned - one even reformated his hard drive on his own last month (without a fresh backup I might add). Sadly, the bosses won't act on it because a) we have a very friendly workplace and, heaven forbid, a bit of discipline might put people in a bad mood, and b) there are three bosses, and two of them are fiddlers themselves.

but mostly these programs make your computer slow, unstable, and unnecessarily complex

I'm with Mardi Gras on that one.

deejay




msg:285822
 11:19 pm on Jan 14, 2003 (gmt 0)

*exhales* nothing like a good rant.

apologies for the tone.

richlowe




msg:285823
 11:30 pm on Jan 14, 2003 (gmt 0)

deejay - I understand. In my shop, I am in charge of computers, and we have instituted a policy: install something on your computer without MIS approval, immediate, no questions asked termination. Period. Only had to enforce it once.

Richard

tedster




msg:285824
 11:39 pm on Jan 14, 2003 (gmt 0)

Not sure if it's the same, but eWeek reported today about another major new virus named Sobig. And yes, it's aimed at Outlook.

Sobig Virus article [eweek.com]

Visit Thailand




msg:285825
 12:05 am on Jan 15, 2003 (gmt 0)

sobig is new and also a level 3 - www.symantec.com/avcenter/venc/data/w32.sobig.a@mm.html it seems though as if it does not do too much damage.

richlowe, I know of companies like that and some of the more tech savvy guys take it as a challenge! One I know of has even found a highly secretive way of making himself an admin without anyone knowing (and he works with an enormously high global security level)!

sun818




msg:285826
 12:19 am on Jan 15, 2003 (gmt 0)

Norton AntiVirus does in fact "slow" down your system especially if use e-mail scan. My opinion about "unnecessarily complex" is directed at ZoneAlarm. I provide software support for an auction management program. In many instances, a misconfigured ZoneAlarm ends up being the culprit.

I suppose everyone has their own comfort level.

Visit Thailand




msg:285827
 2:37 am on Jan 15, 2003 (gmt 0)

I have found NAV does not really slow down the system especially if you do not have Norton System Works installed.

The only real annoying thing with NAV is the pop up to tell you it is scanning each outgoing email (has anyone found a way of disabling this?)

Plus on windows XP when you have multiple accounts it downloads them all at the same time which makes it for me more difficult to see which email had the virus (anyone know how to get it to download them one email addy at a time like with the olders systems?)

richlowe




msg:285828
 5:05 pm on Jan 15, 2003 (gmt 0)

Plus on windows XP when you have multiple accounts it downloads them all at the same time

I had this problem and it was with Office XP. I uninstalled Office XP, installed Office 2000 (with all patches). Problem solved. Nothing to do with windows XP.

Richard Lowe

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved