JotD / QotD Ελληνική Λίστα Ανεκδότων (JotD)


Θέμα: Computer Virus Alert! (fwd)


(nil): John Kerkines (jkerk(@)arnold.chem.uoa.gr)
Ημερομηνία: Παρ 12 Νοε 1999 - 16:31:16 EET

Sorry paidia, ayth th fora den exei anekdoto.
To parakatw Alert gia virus (worm) den einai apo ekeina poy kserete, ta
dh0en alerts. Einai pragmatiko.

Filika
Yiannis

---------- Forwarded message ----------
Date: Fri, 12 Nov 1999 01:46:54 -0800
From: Manuel Nuno Alcada <nunoalca(@)MED.UP.PT>
Reply-To: CHEMICAL INFORMATION SOURCES DISCUSSION LIST
     <CHMINF-L(@)LISTSERV.INDIANA.EDU>
To: CHMINF-L(@)LISTSERV.INDIANA.EDU
Subject: Computer Virus Alert!

Greetings, CHMINF-L(@)LISTSERV.INDIANA.EDU

I thought you would be interested in knowing about this computer virus...

Virus Name: VBS/Bubbleboy

Virus Characteristics:
This is an Internet worm that requires Internet Explorer 5 with Windows
Scripting Host installed (WSH is standard in Windows 98 and Windows 2000
installations). It does not run on Windows NT due to hard-coded
limitations. The Internet worm is embedded within an email message of HTML
format and does not contain an attachment. This worm is written in VB
Script. There are two variants; the .b variant is encrypted.

<P>This worm affects only English and Spanish installation of Windows.<P>

<P>In MS Outlook, this worm requires that you "open" the email. It will
not run if using "Preview Pane".

<P>In MS Outlook Express, the worm is activated if "Preview Pane" is used!

<P>In both the above, if security settings for Internet Zone in IE5 are
set to High, the worm will not be executed. The vulnerability exploited
by this worm has been addressed by Microsoft with a security patch.
Installing this Internet Explorer patch will prevent the execution of this
worm under default security settings. Network Associates recommends to
apply this patch for all desktops running IE.

<P><a
href="http://www.microsoft.com/security/Bulletins/ms99-032.asp">Microsoft
"scriplet.typelib/Eyedog" Patch</a>

<P>After the VB Script executes, it writes the file UPDATE.HTA to the
local machine and during the next Windows startup, the .HTA file is
invoked. The UPDATE.HTA file is coded to do the following-

<P>* Change the registered owner via the registry to "BubbleBoy"

<P>* Change the registered organization to "Vandelay Industries"

<P>* Send itself embedded in an email message to EVERY contact in EVERY
EMAIL ADDRESS BOOK of MS Outlook

<P>* Sets the registry key to indicate that the email distribution has
occurred. (Email distribution will not be repeated.)

<P>The email is a message with the following information:

<P> From: (person who sent worm unintentionally)
<BR> Subject: BubbleBoy is back!

<P> Message Body: The BubbleBoy incident, pictures and sounds

<P>http://www.towns.com/dorms/tom/bblboy.htm

<P>This is not a valid web page.

To check your system for this virus, and to learn how to protect yourself
from computer viruses, visit the McAfee PC Clinic at
http://clinic.mcafee.com.

This email was sent to you by Manuel Nuno Alcada

PS - Sign up for the McAfee Dispatch - Virus Alerts,
Special Offers and News about McAfee.com. Get more information
or sign up now at: http://www.mcafee.com/subscribe/beginI.asp?s=18

______________________________________________________________________

 Joke of the Day ... Ελληνική Λίστα Ανεκδότων
 Πληροφορίες --> https://anekdota.duckdns.org/jokes_list.html
______________________________________________________________________


Γραφτείτε και εσείς στην Ελληνική Λίστα ανεκδότων (JotD) και στείλτε τα ανέκδοτά σας!!!

Επιστροφή στον κεντρικό κατάλογο αυτού του αρχείου