SCN: Re: E-mail viruses & worms.
Scot Harkins on scn.org
scoth at scn.org
Tue May 28 00:39:08 PDT 2002
For users of MS Outlook Express, the vulnerability used by worms like
the Klez family was closed last year by MS. The fix was available in
an update downloaded from MS' Windows Update site. The problem is,
many, if not most, home users do not check for updates. The current
spate of Klez infections would dwindle and die if folks would just run
the updates. They're free, and easy to download and install.
If you are running anything from Windows95 and up, visit
windowsupdate.microsoft.com, click on either of the "Product Updates"
links. If it has been a while since your last visit you will be asked
to install the latest mini-program that assesses what updates you
need; acknowledge the request and let it install. The assessor will
check your current software against a list of current updates and
determine what updates you need, what updates would be nice, and other
updates of interest. You are looking for the "Critical Updates and
Service Packs" section, which comes first. It will bundle all the
critical updates together, and perhaps include service packs, if any.
Critical updates are already selected for download, so all you have to
do is click the "Download" button. Follow the download screen from
there, close all other programs, answer yes to install the updates,
let the download and install proceed, and be prepared to reboot when
the install is complete.
>From Windows98 and up to WindowsME, and in Windows 2000, there is
already a "Windows Update" selection in the Start menu.
Run the updates from time to time to install patches as MS releases
them. If you install any of the other programs listed (which can also
be okay), come right back again to see any critical updates for that
software.
Some folks will say "I installed an update that once crashed my
computer!" Every now and then something on someone's computer goes
awry and the install conflicts or crashes altogether. In hundreds of
updates on lots of computers over a few years I've only had this
happen a few (3-5) times. It's a risk, but small. Compared to the
damage done by these worms and other holes left open by _not_ running
the updates, the risk is worth it.
In addition to updates, you really do need anti-virus software,
whether on Windows or Mac. It's just a good practice, and the price
(usually about $30 for home versions) easily beats the cost of your
time and hassle recovering from the nastier viruses and worms. Just
as important as having the software is keeping it up to date. The
most frequent updates download new files telling the software about
new viruses and worms to watch out for on your system. Less
frequently but just as important are updates to the program itself,
fixing bugs or holes that some new viruses try to use to disable the
anti-virus software.
Anti-virus programs also defend your computer from being used by
viruses and worms to launch attacks on other computers or to spread
more viruses and worms. When you get infected, it's not just your
computer that's hit. Most viruses and worms send copies of themselves
out to your email contacts (and email addresses they find elsewhere,
like in documents), so you are exposing your friends to the same
viruses. The worst part is that the latest viruses and worms send
copies of themselves out but lie about who sent the virus, so your
friends may receive a copy but it may look like it came from someone
else, so they will not know to tell you that your computer is
infected. These virus writers are just getting nasty.
So, yes, MS messes up a lot, and compromises your system safety for
their profit, but at least this hole, allowing a web-page email to run
a program automagically, is long-closed. All you have to do is keep
up with the updates, both for Windows and for your anti-virus
software.
Ciao!
Scot
--
Scot Harkins (KA5KDU)
Greenbank, WA, US
Phone: 360-678-5880
Email: scoth at bigfoot.com
URL <http://www.bigfoot.com/~scoth>
--
----- Original Message -----
From: "J. Johnson" <jj at scn.org>
To: <scn at scn.org>
Sent: Friday, May 24, 2002 1:58 AM
Subject: SCN: E-mail viruses & worms.
> This message is for those of you that download e-mail (whether from
SCN or
> else where) and read it with the usual Microsoft software. If you
login
> to SCN to read your e-mail (without downloading it) you need not
worry,
> even if you do receive infected e-mail.
>
> We see a relatively small but steady stream of messages containing
e-mail
> worms trying to infect other PCs. (Worms differ from viruses in
that they
> will run on their own.) The latest worms go through your files
looking
> for e-mail addresses of your friends and associates to send infected
> messages to. This can be pretty embarassing!
>
> These worms can do this automatically because of some egregiously
bad
> "features" in MS software, such as the the _default_ behavior of
> automatically opening e-mail attachments and running them. It is
strongly
> recommended by all authorities that these be turned off, and other
> protective measures taken.
>
> If you need assistance in protecting your machine there are various
sites
> that can assist you, such as CERT (www.cert.org), which also has
links to
> the principal anti-virus software sites. Please check them out.
>
> === JJ =============================================================
>
> * * * * * * * * * * * * * * From the Listowner * * * * * * * * * *
* *
> . To unsubscribe from this list, send a message to:
> majordomo at scn.org In the body of the message, type:
> unsubscribe scn
> ==== Messages posted on this list are also available on the web at:
====
> * * * * * * * http://www.scn.org/volunteers/scn-l/ * * * * *
* *
>
* * * * * * * * * * * * * * From the Listowner * * * * * * * * * * * *
. To unsubscribe from this list, send a message to:
majordomo at scn.org In the body of the message, type:
unsubscribe scn
==== Messages posted on this list are also available on the web at: ====
* * * * * * * http://www.scn.org/volunteers/scn-l/ * * * * * * *
More information about the scn
mailing list