Re: nimda virus

Wed, 19 Sep 2001 06:59:41 -0700 

For future reference, you can usually find fixes to these kinds of 
exploits/bugs (they will always be around; just something you'll have to 
accept if you're gonna have a web server online) at 
www.microsoft.com/technet

--
Billy Cravens, EDS
[EMAIL PROTECTED]



>From: <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: <[EMAIL PROTECTED]>
>Subject: nimda virus
>Date: Tue, 18 Sep 2001 15:52:31 -0700
>
>
>"Web servers compromised by this worm apparently attach a "readme.eml" to
>all web pages served... and due to a bug in IE5, it will automatically
>execute the file!"
>http://slashdot.org/article.pl?sid=01/09/18/151203&mode=flat
>
>Once the virus is set up on a client machine, it opens up shared access to
>C:\.  It is speculated that this virus is setting up zombie systems to
>prepare for a massive denial-of-service attack on the United States' 
>finance
>and communications infrastuctures.
>http://www.nipc.gov/warnings/advisories/2001/01-021.htm
>
>Details are still sketchy as to what else this virus can do, but it is
>imperative that servers be patched and repaired right away.
>
>
>What to do:
>
>Make sure your networks' clients are running patched versions of IE 5 or
>higher.
>
>Get the patch here:
>http://www.microsoft.com/windows/ie/downloads/critical/q290108/default.asp
>
>Or update to IE55 Service Pack 2:
>http://www.microsoft.com/windows/ie/downloads/recommended/ie501sp2/default.a
>sp
>
>
>Make sure your IIS servers are running all the correct patches.
>
>NT 4 Security Update:
>http://www.microsoft.com/ntserver/nts/downloads/critical/q301625/download.as
>p
>
>Windowss 2000 Security Update:
>http://www.microsoft.com/Windows2000/downloads/critical/q301625/download.asp
>
>
>Respectfully,
>
><cf_developer>
>Phillip B. Holmes
>Media Resolutions Inc.
>Premier Allaire Alliance Partner
>http://www.mediares.com
>[EMAIL PROTECTED]
>1-888-395-4678 ext. 101
>972-889-0201 ext. 101
></cf_developer>
>
>Please send support requests to [EMAIL PROTECTED]
>
>
>-------------------------------------------------------------------------
>This email server is running an evaluation copy of the MailShield anti-
>spam software. Please contact your email administrator if you have any
>questions about this message. MailShield product info: www.mailshield.com
>
>-----------------------------------------------
>To post, send email to [EMAIL PROTECTED]
>To subscribe / unsubscribe: http://www.dfwcfug.org


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com

-----------------------------------------------
To post, send email to [EMAIL PROTECTED]
To subscribe / unsubscribe: http://www.dfwcfug.org

Reply via email to