Destructive Love Bug Variant Attacks
Users at 30 organizations were affected by the latest mutant, but they may
have been able to stop it.
Ashlee Vance, IDG News Service
Monday, October 23, 2000
The "ILove You" virus has not disappeared. The troubling ways of the virus
that hit computer networks about five months ago are still tormenting some
users, who were hit by one of its more destructive variants on Friday.
Almost 50 variants to "ILove You" have turned up in recent months. The
attention-grabbing subject line for the latest mutant, which reads, "US
PRESIDENT AND FBI SECRETS" made it especially troublesome. Users at around
thirty organizations reported being affected by the nasty program, which is
named VBS/Loveletter.bj, according to officials at antivirus company McAfee.
The virus is a reason for concern, but not panic, the officials say. The
latest variant appears to have affected only users who did not keep their
antivirus protection software up to date, according to officials at McAfee,
a unit of Network Associates. (See "Love Letter's Legacy." )
Vince Gullatto, senior director at McAfee's Avert Labs, says most of the
variants that have appeared have stayed within a given company's networks.
With the latest mutant, however, an unidentified media entity that had more
communications with outside companies was affected, which lead to a wider
distribution of the bug.
Like the original "ILove You," this variant spreads itself via Microsoft's
Outlook software and can delete image files from a user's computer.
Microsoft developed a patch for its Outlook software that helped companies
fight off the variants of the virus, but some corporations simply failed to
install the patch, leaving their systems vulnerable, Gullatto says. (See
"Outlook Updated for Antivirus Security." )
Worldwide Problem?
Both McAfee and U.K.-based antivirus software vendor Sophos say they posted
an alert to the variant on their Web sites. Users in both the U.S. and in
Europe have likely been affected, Gullatto says.
"We know of a large enterprise customer who has the original version, and
they have this variant as well," he says. Gullatto adds that companies
should update their antivirus .dat files more regularly in order to avoid
future incidents. Companies often do not realize that an employee has
disabled the antivirus software or fail to stay on top of available
updates, he says.
"Some of the companies have not updated in the last year," Gullatto says.
"We find time and time again that they believe they are protected."
He also adds that mobile workers tend to give companies the most grief in
deflecting the painful viruses. Mobile users, in particular, do not update
their antivirus protection software while on the road.
Regards:
Chandra.R
------------------------------------------------------------------------
Forum Komunikasi Penulis-Pembaca MIKRODATA (FKPPM)
Informasi : http:[EMAIL PROTECTED]
Arsip : http://www.mail-archive.com/forum%40mikrodata.co.id/
WAP : http://mikrodata.co.id/wap/index.wml
Milis ini menjadi kontribusi beberapa rubrik yang diasuh tim MIKRODATA.
Termasuk rubrik-rubrik yang ada di media lain.
Memakai, Menyebarluaskan, dan Memperbanyak software bajakan adalah
tindakan kriminal.
Please check with the latest AVP update before you ask about virus:
ftp://mikrodata.co.id/avirus_&_security/AntiViral_Toolkit_Pro/avp30.zip
