News (CNBC) Reports indicate that this worm uses the same exploit as CODE
RED. If you have not installaed the latest critical updates for NT / W2000,
you should do so IMMEDIATELY. Anecdotal information indicates the new worm
also attempts other exploits, but you should close all the known doors.
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> [EMAIL PROTECTED]
> Sent: Tuesday, September 18, 2001 9:46 AM
> To: [EMAIL PROTECTED]
> Subject: [ActiveDir] This thread is from NTBugTraq but everyone should
> be made aware Alert: Check your IIS boxes now!
> Importance: High
>
>
> This thread is from NTBugTraq but everyone should be made aware
>
> -----Original Message-----
> From: Russ [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 18, 2001 12:28 PM
> To: [EMAIL PROTECTED]
> Subject: Alert: Check your IIS boxes now!
>
>
>
> *** PGP Signature Status: good
> *** Signer: Russ Cooper <[EMAIL PROTECTED]> (Invalid)
> *** Signed: 9/18/2001 9:27:41 AM
> *** Verified: 9/18/2001 10:20:36 AM
> *** BEGIN PGP VERIFIED MESSAGE ***
>
> Numerous people have reported that on IIS servers infected with
> w32.nimda.amm, when visitors browse to their website the visitor is
> offered up README.EML, which in turn downloads README.EXE to the
> visitor.
>
> Please, check your IIS boxes now to see if you are infected. I've had
> reports of IIS servers with more than 10,000 .eml files present
> (mostly as a result of nimda).
>
> While we don't have any conclusive disinfecting procedures yet, any
> IIS box that has been infected definitely shouldn't be available to
> clients until we do.
>
> Cheers,
> Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
>
>
> *** END PGP VERIFIED MESSAGE ***
>
> ==================================================================
> ==========
> Delivery co-sponsored by Trend Micro, Inc.
> ==================================================================
> ==========
> TREND MICRO SCANMAIL FOR EXCHANGE 2000 -- SECOND to NONE
>
> If you are worried about email viruses, you need Trend Micro ScanMail for
> Exchange. ScanMail is the first antivirus solution that seamlessly
> integrates with the Microsoft Exchange 2000 virus-scanning API
> 2.0. ScanMail
> ensures 100% inbound and outbound email virus scanning and provides remote
> software management. Download a FREE 30-day trial copy of
> ScanMail and find
> out why it is the best:
> http://www.antivirus.com/banners/tracking.asp?si=8&BI;=240&UL;=/smex2000
> ==================================================================
> ==========
> List info: http://www.activedir.org/mail_list.htm
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
>
List info: http://www.activedir.org/mail_list.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
