SCI/TECH: Arafat Worm Exploits MS Vulnerability

A new computer worm designed to exploit the death of Yasser Arafat is spreading through email inboxes. It exploits an existing Microsoft Windows security hole, allowing an attacker to access an infected computer. Microsoft has released a patch for this security hole available for download here. Those Windows users who have already installed XP Service Pack 2 are not at risk.



Not all antivirus programs have created definitions for this new virus, so do not open an attachment if you receive an email that bears the subject line "Latest News about Arafat!!!"

Related Information:
F-Secure Virus Info


[edit on 17-11-2004 by Banshee]

Jesus! How many security holes does windows have? I just stopped downloading the patches. It seems that my machine gets buggier with each update...

yer, its not good with all these viruses on the net floating around. i noticed it said

is the first to exploit the known Extended MetaFiles vulnerability

does that mean we can expect quite alot of these viruses exploiting the weakspot it says it has?

rynadlo

Originally posted by rynaldo82

is the first to exploit the known Extended MetaFiles vulnerability

does that mean we can expect quite alot of these viruses exploiting the weakspot it says it has?

rynadlo

All depends on how fast Microsoft deceides to come out with a security patch for this.

XP SP2 patched this bugger, so if you haven't installed that yet, a link is provided for the standalone patch in the main story.

People, just use a firewall, that�s more than enough to use Windows safely

Posted by: Thorfinn Skullsplitter
Jesus! How many security holes does windows have? I just stopped downloading the patches. It seems that my machine gets buggier with each update ...

That's interesting. My machine gest less buggier and runs better. You need to have your antivirus scanner and firewall up ALL THE TIME when connected to the internet. One weakness I have noticed in windows is that when you initially install windows, or if you run a windows repair from the installation disk, there is a period where windows wants to access the internet BEFORE your antivirus scanner is running or your firewall is up. That creates a vulnerability. You can avoid the vulnerability whenever you run processes such as that by just unplugging your internet cable and not reconnecting until your firewall and virus scanner are running again. When there is no physical connection to the internet, there is no chance for an intrustion during the moment of vulnerabity.

NEVER open an email attachment unless the email is from a known source that you trust. There are a number of fake emails in circulation that appear to be genuine and from trusted sources. So, beware.

Excellent advice dubiousone. Just a sidenote, the two service pack updates take a while to load/install...

The biggest vulnerability in Windows, in any operating sytem really, is the bit between the keyboard and the chair. While MS has its problems when dealing with security, it's most often the user who causes security problems. Whether it's not bothering to update virus definitions, or turning off firewalls "because it's annoying" or not bothering to click on the OK button when the freaking OS does everything except walk the dog for them...

Ok, I feel better now. Seriously, though, if Windows was replaced today by OS X or Linux, in a year we'd be complaining about "another d@mn exploit for ."

Really, when people give their passwords up for chocolate it's hard to hold software makers solely responsible.

Big deal there�s a new exploit every week, not to mention the ones we dont already know about!

The biggest vulnerability in Windows, in any operating sytem really, is the bit between the keyboard and the chair.

Too true, in school all we learnt was how to use spreadsheet and word, big f**King deal my cat could use those progs. There are to many idiots using computers these days. In turn it allows bored 14yr olds to take advantage. All i can say is, if you dont have a firewall or an AV prog, you deserve what you get!

Well, I keep on top of the security updates, but yesterday I got a virus on my lap top and has rendered my OS useless.

And the thing is I had my virus scan on, and no warning.

Does anybody knows if is a new virus out there that can do so much damage as to render your hard drive useless.

Marg6043: You have to keep current with security updates to your OS, keep your virus definitions current, and keep your firewall up to date, and then have your virus scanner and your firewall up and running 100% of the time when you are connected to the internet. Even that will not stop all intrusions if you are in the habit of visiting certain kinds of web sites and dowloading content from them. Porn websites are notorious as vehicles for injecting malicious code onto a users system. Obviously, I don't know what kinds of websites you visit or what you download, so I am not suggesting that you are doing that. But, beware that whenever you download content you are taking a risk of sorts.

Well, not porn downloading that is for sure, I download a trial of zonealarm and the computer top working after I unistalled so that is all I know. My main computer is fine and I always get the warns went I have something suspicious.

So I have somebody checking on it, right now it does not even wants to run the repair disk.