Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

How to protect your computer from viruses

From: William Knowles <wk () C4I ORG>
Date: Fri, 19 May 2000 12:20:00 -0500
http://news.cnet.com/news/0-1005-200-1902512.html?tag=st.ne.1002.thed.ni

By Stephen Shankland
Staff Writer, CNET News.com
May 19, 2000, 12:00 p.m. PT

Computer users don't need to feel helpless against the onslaught of
viruses such as "NewLove."

In addition to installing antivirus software and keeping virus
definitions up-to-date, there are other measures people can take to
reduce the likelihood that their computers will be infected or damaged
by NewLove or similar viruses, according to experts.

First, people can delete any email sent with attachments ending in the
letters ".vbs," which indicates a file that's a type of Windows
program called a script. Although it's possible that some companies
would send legitimate VBS files, it's unlikely, said Kevin Haley, a
researcher at Symantec's antivirus research center.

In general, people should avoid opening attachments with the
extensions ".vbs," ".exe," ".com" and ".js," added Trend Micro
antivirus researcher Tony Qin. All of these types of files contain
programs that can be executed.

Second, people can disable Windows Scripting Host, the Windows feature
that runs the VBS programs, Haley said. "If they don't use it in their
organization, it makes sense to do that," he said.

However, shutting off the Windows Scripting Host could cause other
complications, and Robert Weller, a researcher with Computer
Associates' eTrust team, said it's an extreme measure.

The most effective way to eliminate the risks associated with Windows
Scripting Host is to remove it completely, Haley said. He gives the
following instructions for doing so:

"The windows scripting host can be uninstalled from the Control Panel.

From the 'Add/Remove Programs' icon, click on the 'Windows Setup' tab.

Go to 'Accessories' and double-click. From there you will find a check
box for 'Windows Scripting Host.' Uncheck it."

A third measure is to disable the "preview" pane in Microsoft
Outlook's email window. Using the preview feature is the same thing as
opening an email, Qin said. Although it won't open an attachment, some
viruses execute just from viewing the email.

Microsoft is in the process of modifying Outlook so it's less
vulnerable to virus attacks, though the update isn't yet available,
Qin said. The modifications Microsoft has planned would have prevented
a NewLove attack, he added.

Finally, people can run online antivirus checks such as Trend Micro's
free HouseCall service, which searches a computer's hard drive for
malicious programs.


*-------------------------------------------------*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen. Alfred. M. Gray, USMC
---------------------------------------------------
C4I Secure Solutions             http://www.c4i.org
*-------------------------------------------------*

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: