 |
|
Topic started on 17-11-2004 @ 12:29 PM by SIRR1
|
A new computer worm designed to exploit the death of Yasser Arafat is spreading through email inboxes. It exploits an existing Microsoft Windows
security hole, allowing an attacker to access an infected computer. Microsoft has released a patch for this security hole available for download
here. Those Windows users who have already installed XP Service Pack 2
are not at risk.
www.securityfocus.com
A worm which exploits curiosity about the death of Yasser Arafat is the first to exploit the known Extended MetaFiles vulnerability. Aler is a
network worm that was widely bulk-mailed with the subject "Latest News about Arafat!!!". These infected emails had two attachments, one a clean JPEG
file and the other an infected EMF file, according to anti-virus firm F-Secure. The EMF file exploits a well-known Windows vulnerability (MS04-032) to
install the worm onto systems when the attachment is opened.
Please visit the link provided for the complete story.
Not all antivirus programs have created definitions for this new virus, so do not open an attachment if you receive an email that bears the subject
line "Latest News about Arafat!!!"
Related Information:
F-Secure Virus Info
[edit on 17-11-2004 by Banshee]
|
reply to this post:
copyright & usage
|
 |
reply posted on 17-11-2004 @ 12:33 PM by Thorfinn Skullsplitter
|
Jesus! How many security holes does windows have? I just stopped downloading the patches. It seems that my machine gets buggier with each update...
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 12:36 PM by rynaldo82
|
yer, its not good with all these viruses on the net floating around. i noticed it said
 is the first to exploit the known Extended MetaFiles vulnerability 
does that mean we can expect quite alot of these viruses exploiting the weakspot it says it has?
rynadlo
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 12:42 PM by Linux
|
Originally posted by rynaldo82
is the first to exploit the known Extended MetaFiles vulnerability
does that mean we can expect quite alot of these viruses exploiting the weakspot it says it has?
rynadlo
All depends on how fast Microsoft deceides to come out with a security patch for this.
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 12:47 PM by Banshee
|
XP SP2 patched this bugger, so if you haven't installed that yet, a link is provided for the standalone patch in the main story. 
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 12:48 PM by Vladtepes
|
People, just use a firewall, thatīs more than enough to use Windows safely
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 01:35 PM by dubiousone
|
Posted by: Thorfinn Skullsplitter
Jesus! How many security holes does windows have? I just stopped downloading the patches. It seems that my machine gets buggier with each update
...
That's interesting. My machine gest less buggier and runs better. You need to have your antivirus scanner and firewall up ALL THE TIME when
connected to the internet. One weakness I have noticed in windows is that when you initially install windows, or if you run a windows repair from the
installation disk, there is a period where windows wants to access the internet BEFORE your antivirus scanner is running or your firewall is up. That
creates a vulnerability. You can avoid the vulnerability whenever you run processes such as that by just unplugging your internet cable and not
reconnecting until your firewall and virus scanner are running again. When there is no physical connection to the internet, there is no chance for an
intrustion during the moment of vulnerabity.
NEVER open an email attachment unless the email is from a known source that you trust. There are a number of fake emails in circulation that appear
to be genuine and from trusted sources. So, beware.
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 03:36 PM by Gazrok
|
Excellent advice dubiousone. Just a sidenote, the two service pack updates take a while to load/install...
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 04:46 PM by Whiskey Jack
|
The biggest vulnerability in Windows, in any operating sytem really, is the bit between the keyboard and the chair. While MS has its problems when
dealing with security, it's most often the user who causes security problems. Whether it's not bothering to update virus definitions, or turning
off firewalls "because it's annoying" or not bothering to click on the OK button when the freaking OS does everything except walk the dog for
them...
Ok, I feel better now. Seriously, though, if Windows was replaced today by OS X or Linux, in a year we'd be complaining about "another d@mn exploit
for nsert os/program here>."
Really, when people give their passwords up for chocolate it's hard to hold software makers
solely responsible.
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 05:18 PM by Orias
|
Big deal theres a new exploit every week, not to mention the ones we dont already know about!
The biggest vulnerability in Windows, in any operating sytem really, is the bit between the keyboard and the chair.
Too true, in school all we learnt was how to use spreadsheet and word, big f**King deal my cat could use those progs. There are to many idiots using
computers these days. In turn it allows bored 14yr olds to take advantage. All i can say is, if you dont have a firewall or an AV prog, you deserve
what you get!
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 05:40 PM by marg6043
|
Well, I keep on top of the security updates, but yesterday I got a virus on my lap top and has rendered my OS useless.
And the thing is I had my virus scan on, and no warning.
Does anybody knows if is a new virus out there that can do so much damage as to render your hard drive useless. 
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 07:01 PM by dubiousone
|
Marg6043: You have to keep current with security updates to your OS, keep your virus definitions current, and keep your firewall up to date, and then
have your virus scanner and your firewall up and running 100% of the time when you are connected to the internet. Even that will not stop all
intrusions if you are in the habit of visiting certain kinds of web sites and dowloading content from them. Porn websites are notorious as vehicles
for injecting malicious code onto a users system. Obviously, I don't know what kinds of websites you visit or what you download, so I am not
suggesting that you are doing that. But, beware that whenever you download content you are taking a risk of sorts.
|
reply to this post:
copyright & usage
|
|
reply posted on 17-11-2004 @ 08:04 PM by marg6043
|
Well, not porn downloading that is for sure, I download a trial of zonealarm and the computer top working after I unistalled so that is all I know. My
main computer is fine and I always get the warns went I have something suspicious.
So I have somebody checking on it, right now it does not even wants to run the repair disk. 
|
reply to this post:
copyright & usage
|
|
