Re: FW: PPark (was: Win 95 Question)

[r.fulton () AUCKLAND AC NZ (Russell Fulton)]

On Wed, 1 Mar 2000 21:12:38 +1100 Aussie <ifightspam () bigfoot com> wrote:

> Date sent:            Mon, 28 Feb 2000 11:54:42 -0700
> From:                 Brett Glass <brett () LARIAT ORG>
> Subject:              Re: FW: PPark (was: Win 95 Question)
>
> > Turns out that it's so. There's a new, "unpacked" variant, and the
> > current McAfee patterns don't catch it! This is probably why we are
> > seeing a resurgence.
>
> I received a copy from one of my clients last night...one that was also
> sent to the other 100 or so people in her address book.....my Norton
> sigs from 24 Feb picked it up, but hers from 7 Feb didn't. Seems like
> everyone should be doing an update ASAP.

This is correct. The 24 Feb NAV updates do detect the new variant --
however there is a gotcha.  This version of the updates will BSOD some
NT boxes.  Symantec have posted a patch for the problem.  I *think*
that liveupdate will install the patch for you but if you do the update
by hand you must install the patch first.

We lost several NT boxes yesterday after I sent out mail to all our
computer support people warning them about multiple Pretty Park
infections on campus and asking them to install the new definitions on
all servers.

Cheers, Russell.