Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

IP: A New Risk to Computers Worldwide

From: Dave Farber <dave () farber net>
Date: Sat, 27 Apr 2002 16:53:03 -0400

------ Forwarded Message
From: "John F. McMullen" <observer () westnet com>
Date: Sat, 27 Apr 2002 10:45:57 -0400 (EDT)
To: johnmacsgroup () yahoogroups com
Cc: Dave Farber <farber () cis upenn edu>, <declan () well com>, Open Source
Intelligence Network <osint () yahoogroups com>
Subject: A New Risk to Computers Worldwide


From the New York imes --

http://www.nytimes.com/2002/04/27/technology/27VIRU.html?todaysheadlines

A New Risk to Computers Worldwide
by John Schwartz

A rogue computer program that is the online equivalent of a quick-change
artist is infecting computers around the world via e-mail and clogging
computer networks.

The program, W32/KLEZ.H, is a "blended threat," combining elements of a
virus, which infects machines, and a worm, which transports itself from
machine to machine. It also tries to disable some antivirus programs.

It makes itself hard for users to spot by changing its e-mail subject
line, message and name of the attachment at random, drawing from a
database that includes, for example, such subject lines as "Hello, honey,"
and "A very funny website."

The program has grown increasingly common as users unknowingly activate it
sometimes without even opening the e-mail attachment that carries the
virus  and allow it to send copies of itself to those in the victim's
e-mail address file.

"It is exploding," said Keith Peer, chief executive of Central Command, a
computer security company.

The rapid spread of the program caused Symantec and McAfee.com, two
prominent computer protection companies, to upgrade their warnings about
it in recent days; Symantec said on its Web site that it now considered
the program a "category 4" risk, its second-highest ranking.

The program exploits vulnerable spots in computer programs, most notably a
problem in earlier versions of Microsoft's mail programs, Outlook and
Outlook Express, which allows some types of computer programs to be
activated even if they are in the "preview pane."

The program can also grab files randomly from victims' hard drives and
send them out, but it does little damage to the machines themselves,
antivirus companies said.

Microsoft has had patches available to fix these problems for more than a
year, but many people do not keep their software up to date, said Vincent
Weafer, the director of research at Symantec Security Response.

Although most antivirus software programs already provided protection
against the Klez family, the new variant has enough new wrinkles to trick
some of the digital sentries. The latest versions of software have been
updated to block the worm, and the companies offer free online tools to
cleanse infected machines.


   "When you come to the fork in the road, take it" - L.P. Berra
   "Always make new mistakes" -- Esther Dyson
   "Be precise in the use of words and expect precision from others" -
    Pierre Abelard
                          John F. McMullen
   johnmac () acm org ICQ: 4368412 Fax: (603) 288-8440 johnmac () cyberspace org
                  http://www.westnet.com/~observer



------ End of Forwarded Message

For archives see:
http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: