Security Incidents mailing list archives
Re: New "concept" virus/worm?
From: "Bernie Cosell" <bernie () fantasyfarm com>
Date: Tue, 18 Sep 2001 16:13:22 -0400
On 18 Sep 2001, at 14:01, Jim Olsen wrote:
This is a cumulation of the information i've found on W32.nimda thus far: W32.nimda is NOT a code red variant, and the people who referring to it as "Code Blue" were mistaken...
[...]
EVERYONE who uses internet explorer to browse the internet should probably do one of two things to stop from being automatically infected by W32.nimda (i have not tested whether or not turning off javascript fixes the problem): o) don't browse web pages until microsoft releases a patch o) turn OFF javascript
I was under the impression that the vulnerability that nimda exploits was known and has been patched (in May) <http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q290108> <http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms01-020.asp>
EVERYONE who uses outlook/outlook express should, at the very least, not open any attachments that they are not expecting.
THIS recommendation has nothing to do with nimda -- anyone who hasn't gotten *THIS* message yet is hopeless... Taking the opportunity to restate it here is OK, I guess, since a lot of folk jsut WONT get the message.
. Turning off auto-preview might be a good idea as well.
Why? /bernie\ -- Bernie Cosell Fantasy Farm Fibers mailto:bernie () fantasyfarm com Pearisburg, VA --> Too many people, too few sheep <-- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- New "concept" virus/worm? Joao Gouveia (Sep 18)
- Re: New "concept" virus/worm? Jay D. Dyson (Sep 18)
- Re: New "concept" virus/worm? Brett Glass (Sep 18)
- Re: New "concept" virus/worm? Berislav Kucan (Sep 18)
- Re: New "concept" virus/worm? Jim Olsen (Sep 18)
- Re: New "concept" virus/worm? Bernie Cosell (Sep 18)
- MIME type of readme.eml (was Re: New "concept" virus/worm? Rob Quinn (Sep 19)
- Re: MIME type of readme.eml (was Re: New "concept" virus/worm? Henrik Pedersen (Sep 19)
- Re: New "concept" virus/worm? Brett Glass (Sep 18)
- Re: New "concept" virus/worm? Jay D. Dyson (Sep 18)
- Re: New "concept" virus/worm? Ryan Russell (Sep 18)
- Re: New "concept" virus/worm? Nick FitzGerald (Sep 18)
- Re: New "concept" virus/worm? Jim (Sep 18)
- Side Affect of the new worm: HD fills up Stanley G. Bubrouski (Sep 19)
- Re: New "concept" virus/worm? Michael H. Warfield (Sep 18)
- RE: New "concept" virus/worm? Joseph P Frazee (Sep 18)