Virus, Worms & Trojans - Fixes

Here is information on common viruses, important notices, and links to patches - not comprehensive - just stuff we have found important to our clients.

Home
Home

News
News

Topic
Topics

AAx
AAx

Common Windows Viruses - What To Do

We have seen most of these on clients' machines.

Windows - Notices & Patches

Microsoft issued more than 100 security notices and patches in 2000. We will only list those of general business interest.
  • UA Control Vulnerability - Office 2000 - This vulnerability allows viruses to be launched from e-mail without opening attachments. The first useage, Davinia, was designed to be destructive but was clumsy and did not propegate well. Future exploits could be far more effective. You should download and apply the patch available from Microsoft.

Apple Macintosh Vulnerabilities

  • Melissa Virus - Macintosh users of Microsoft Office 2001 now have a beta of Outlook available (formerly just Outlook Express). Outlook is enabling the Melissa virus to spread among Mac users.

Linux Vulnerabilities

While Linux is not subject to the fast spreading e-mail virus problems Windows systems have, Linux computers connected to DSL and cable modems are vulnerable to break-in, worms and trojans if their patch levels are not kept up-to-date.

Important: Do not run your Linux box logged in as root. Yes, it's more of a hassle to set your stuff up to run as a user, but running as root makes your system very vulnerable. If root runs a hostile file, it runs with full system privelages, just like under Windows.

  • Ramen Worm - This worm attacks Red Hat Linux 6.2 and 7.0 systems that have not been patched for wu-ftp, rpc.statd and LPRng. Aside from propegating, it disables the ftp service and defaces Web sites by replacing pages named "index.html" with it's own Web page. Description and removeal instructions are at a href="http://www.linuxsecurity.com/articles/network_security_article-2335.html"> Linuxsecurity.com.
  • Dual Boot (Linux/Windows): reestablishing the Linux boot loader. After using fdisk /MBR to remove a DOS/Windows boot sector virus puters. Instructions at CERN. Their link to their Linux boot disk is broken, but you can use the "rescue disk" you made when you installed Linux.

Other Resources

©:Andrew Grygus - Automation Access - www.aaxnet.com - aax@aaxnet.com
Velocity Networks: Network Consulting Service - Internet Service Provider - Web Page Design and Hosting
All trademarks and trade names are recognized as property of their owners.