Note: The Rootsweb Mailing Lists will be shut down on April 6, 2023. (More info)
RootsWeb.com Mailing Lists
Home

Results for list 'brooks-ne'

Total: 1/1
    1. [B-NE] BadTrans VIRUS -- Addendum
    2. Christopher Brooks

    3. >"This worm, similar to the recent W32/Aliz and W32/Nimda worms, uses >a special trick to execute even if a mail is just opened or previewed >in Outlook/Outlook Express. This is accomplished using a known >security hole "Incorrect MIME Header Can Cause IE to Execute E-mail >Attachment". > >Information and patch is available from: > >http://www.microsoft.com/technet/treeview/default.asp?url=/technet/sec >urity/bulletin/MS01-020.asp > >The security hole is a known issue with Internet Explorer versions >5.01 and 5.5 without SP2 . Users who have this configuration should >apply >the available patch." ---Symantec Message--- The W32.Badtrans worm spreads itself by automatically replying to all emails in an infected computer's inbox, rather than using the address book as many other worms do. When the infected person received your email from the mailing list, W32.Badtrans replied to it automatically. Symantec Consumer Technical Support. The difficulty is that the attachment may not show or there is a false extension. It appears to have xxx.doc or xx.txt but the real extension ( .scr.or .exe) is 59 spaces to the right. So even if you get a email from a trusted source ( me or others) and there is no message etc, be very careful. It will also show about 29 or 30k as the size of the message. So that is a dead giveaway in that there is 30 k of message and it doesn't show up anyway . <Assorted cut-and-paste stuff from other lists this a.m.> =============================== Internet Explorer users are also vulnerable to this worm. I escaped contamination by using Eudora for email and NOT Outlook Express. I'm either clairvoyant or lucky, in that I also have replaced Internet Explorer with a non-Microsoft product. Other browser options are Netscape (free), Opera (free, and a superior product), and Net Captor (not free, $30 to register, a terrific I/E clone, but without the security holes, which I use). Again, run a Google search to locate the home/download page for any of these products. Please be sure, if using Internet Explorer, that you have ALL Microsoft security patches installed which are available for your version. You can do this by running the Windows Update installed on your machine, which will log onto the Microsoft site, analyze your installation, and then download the appropriate patches. If you haven't got Windows Update installed, use the [Start/Find/File or Folder] function in Windows to search for a file named WUPDMGR.EXE, which you can then run manually by double-clicking it. It's normally installed in C:WINDOWS. Best to close your email program as soon as you've read this warning, and not to open it again until you've done a "clean sweep." Chris

    11/27/2001 12:46:09