"Web servers compromised by this worm apparently attach a "readme.eml" to
all web pages served... and due to a bug in IE5, it will automatically
execute the file!"
http://slashdot.org/article.pl?sid=01/09/18/151203&mode=flat
Once the virus is set up on a client machine, it opens up shared access to
C:\. It is speculated that this virus is setting up zombie systems to
prepare for a massive denial-of-service attack on the United States' finance
and communications infrastuctures.
http://www.nipc.gov/warnings/advisories/2001/01-021.htm
Details are still sketchy as to what else this virus can do, but it is
imperative that servers be patched and repaired right away.
What to do:
Make sure your networks' clients are running patched versions of IE 5 or
higher.
Get the patch here:
http://www.microsoft.com/windows/ie/downloads/critical/q290108/default.asp
Or update to IE55 Service Pack 2:
http://www.microsoft.com/windows/ie/downloads/recommended/ie501sp2/default.a
sp
Make sure your IIS servers are running all the correct patches.
NT 4 Security Update:
http://www.microsoft.com/ntserver/nts/downloads/critical/q301625/download.as
p
Windowss 2000 Security Update:
http://www.microsoft.com/Windows2000/downloads/critical/q301625/download.asp
Respectfully,
<cf_developer>
Phillip B. Holmes
Media Resolutions Inc.
Premier Allaire Alliance Partner
http://www.mediares.com
[EMAIL PROTECTED]
1-888-395-4678 ext. 101
972-889-0201 ext. 101
</cf_developer>
Please send support requests to [EMAIL PROTECTED]
-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com
-----------------------------------------------
To post, send email to [EMAIL PROTECTED]
To subscribe / unsubscribe: http://www.dfwcfug.org
