It has been quite some time since I preached against the evils of viruses and Trojans. To those of you who may have been thinking that maybe because I havent been mentioning them that they were no longer a threat, guess again.
This past week, users of Ameritech and SBC Internet services were advised to not open e-mail from firstname.lastname@example.org (or a similar admin address) with a message.zip attachment and your account in the subject line. This e-mail is forged and the attachment contains a virus.
W32.Mimail.A@mm is a worm that captures information from certain windows on a users desktop and e-mails it to specific mail addresses.
Complete information on the worm and its removal can be found at http://email@example.com.
Microsoft has sent out an e-mail advising users of Windows NT, 2000, 2003 Server, and Windows XP of a serious security vulnerability. An attacker who successfully exploited this vulnerability would be able to run code with Local System privileges on an affected system. The attacker would be able to take any action on the system, including installing programs, viewing changing or deleting data, or creating new accounts with full privileges.
The impact of the vulnerability can be hardly overestimated. It affects every installation of the Windows NT/2000/XP/2003 operating system not protected by additional security mechanisms for access control, such as firewall systems. The vulnerability may also cause enormous harm if its exploitation would be conducted with the usage of even primitive worm technologies.
It should be emphasized that this vulnerability poses an enormous threat and appropriate patches provided by Microsoft should be immediately applied. The patches are available for download from the Microsoft Download
Center. Although exploitation of this vulnerability should not be considered as trivial, due to its potential impact, exploits codes from various sources may be expected in the wild very soon.
In laymans terms, if you have one of the operating systems listed, you should be certain to download and install all of the security updates from Microsofts Web site. If you are running Windows 95, 98, ME, this should not affect you, but it still would be a good time to download the latest updates.
This vulnerability can be exploited whether you are connected to the Internet through a high-speed connection such as DSL or through a dial-up modem. If the virus is introduced on to your computer system through an e-mail or a program, you may be in serious trouble.
In addition to the patches from Microsoft, you should install a firewall program or activate the one included with Windows XP. If you use the built-in help system and type in firewall it will give you the instructions. Also, you should have an anti-virus program installed along with the latest updates even if you just purchased the program. You can do various security checks for free at Steve Gibsons Web site (www.grc.com).
I would like to acknowledge the Last Stage of Delirium Research Group (http://lsd-pl.net) for much of the information regarding the Microsoft security issue. They were the ones that brought it to Microsofts attention.
Richard Heller is an independent computer specialist who specializes in repairs, installation, upgrades, technical support, Internet sharing, data recovery and diagnostics. If you have any computer or service-related questions, please send them to The Rock River Times, e-mail firstname.lastname@example.org, or call 243-1162.