× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



 
SECURITY: Worm virus (Swen-A) spreading fast 
Warning : Worm virus (Swen-A) spreading fast.
A worm virus pretending to be from Microsoft Support is spreading extremely
fast by email due to its cleverly constructed appearance.
The worm claims to be a technical bulletin from Microsoft including a
security update fix but is nothing more than a virus in disguise.
The worm spreads itself between Windows machines installed with Internet
Explorer 5.01 and 5.5 or earlier using a security issue patched in early
2001. This can also be spread by opening an email attachment/ executable
file. 
While it is ineffective at propagating itself automatically on machines
running Internet Explorer 6, this worm can also spread through Internet
Relay Chat, news groups and Peer to Peer file sharing Networks such as
Kazaa Lite. Of alarming note is that the virus will try to disable virus
protection and firewall software on machines which are infected by running
the attachment. The virus is also capable of appearing to be an email
server error where it may attempt to gain account details. Anti virus
definitions are recommended to be updated immediately.
Microsoft remind everyone that security bulletins and patches are not
distributed by email and are only distributed via Windows Update and Windows
Automatic Update (Windows XP) facilities.
Please PERMANENTLY delete any unsolicited email claiming to be from
Microsoft support and bearing any form of attachment. 
A write up on the virus including the bogus html security bulletin screens
can be seen on the Symantec web site to aid recognition of the bogus
bulletin... 
 
 
 
---------------------------------------------------------
Booth Martin http://www.MartinVT.com
Booth@xxxxxxxxxxxx
---------------------------------------------------------
 
-------Original Message-------
 
From: Midrange Systems Technical Discussion
Date: Saturday, September 20, 2003 4:15:53 AM
To: Midrange Systems Technical Discussion
Subject: Re: virus? hoax?
 
Yeah. I just looked at my firewall report. I'm getting (really) thousands
of failed hits/day on port 1214, which makes sense for something that's
distributed through Kazaa. According to the document on McAfee, if you're a
Kazaa user, try to run regedit. If you can do that, you probably don't have
the disease. The Outlook (again) distribution is, lets hope, a secondary
method of propagation. The background noise on the net is getting a little
loud lately. Increase it another order of magnitude or two, and the net
will grind to a halt. Most of the problem can be attributed directly to
Outlook.
 
At 23:55 9/19/2003, you wrote:
>Its a virus....
>
>W32/Swen@mm
>
>Go to your anti virus site for info...
>
>Ed
>
>----- Original Message -----
>From: "Pete Hall" <pbhall@xxxxxxxxxxxxx>
>To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
>Sent: Friday, September 19, 2003 8:34 PM
>Subject: Re: virus? hoax?
>
>
> > I don't believe they're coming through the list. I haven't seen any of
>them.
> >
> > At 10:33 9/19/2003, Fran Dennoncourt wrote:
> > >Hello,
> > >I got a strange e-mail yesterday and three this morning. Forwarded all
> > >to our help desk who asked what kind of mailing lists I subscribed to.
> > >Just this, the RPG list, and ClubTechiSeries. Fortunately, all e-mail
> > >with attachments having specific extensions are blocked. One attachment
> > >was 'deletedo.txt', I think.
> > >The subjects are 'last net critical patch', 'Internet Security Patch',
> > >'Returned Message: User unknown', and 'Current Network Upgrade'. The
> > >sender addresses all have MS Corp or MicroSoft in it in some form.
> > >Anyone else getting these?
> > >Thanks.
> >
> > Pete Hall
> > pbhall@xxxxxxxxxxxxx
> > http://www.pbhall.us/
> >
 
.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.