New Virus Alert

Be advised of a new virus going around. It exploits a weakness in Microsoftâ€[emoji]8482[/emoji]s Windows operating system that could put hundreds of millions of PCs at risk of infection by spyware or viruses. The flaw, which allows hackers to infect computers using programs maliciously inserted into seemingly innocuous image files, was first discovered last week. But the potential for damaging attacks increased dramatically over the weekend after a group of computer hackers published the source code they used to exploit it. Unlike most attacks, which require victims to download or execute a suspect file, the new vulnerability makes it possible for users to infect their computers with spyware or a virus simply by viewing a web page, e-mail or instant message that contains a contaminated image.
To protect ourselves from this:
1. Please DO NOT go to any Web sites that you are not familiar with and/or with links sent by unknown people.
2. Delete all email from unknown or suspicious sources WITHOUT opening it, reading it, or even viewing it in the preview window.
3. Disable the preview pane in Outlook Express (if you are still using this outdated email program, like we are in my office ). Here are the steps necessary to disable it yourself.
The message preview pane in Outlook Express is really nice and useful, but it comes with the risk of catching a worm or virus by just previewing a message.
That's why it is best to disable the preview pane for security reasons in Outlook Express.
To disable the preview pane in Outlook Express:

• Select View | Layout... from the menu in Outlook Express.
• Make sure Show preview pane is not checked.
• Click OK.
  • You can also click Apply to put the new settings into effect without closing the configuration dialog.

Thanks for the warning!

We use Outlook Express in our office too- I always have used the "preview", but I have disabled it!

Thanks again!

Thanks Heidi, if these hackers put their efforts into a positive vein, just think how much better the Internet would be-

CNN has this story on it: http://money.cnn.com/2006/01/03/tech...ex.htm?cnn=yes

Does this mean that we are taking a risk simply from being online?

dont these hackers have anything better to do?

Originally Posted by Rockcat

Does this mean that we are taking a risk simply from being online?

Click to expand...

Sad thing is - yeah, pretty much. As the warning from my IT guy said - stick to sites you know and trust, and don't just click on any links you get in an email, even if it is from someone you know. They've gotten really good at spoofing email addresses, unfortunately.

Earl also found the Security Advisory from Microsoft. http://www.microsoft.com/technet/sec...ry/912840.mspx They are anticipating getting the patch done by NEXT Tuesday. OUCH!

So, this only affects Windows, right?

Originally Posted by lionessrampant

So, this only affects Windows, right?

Click to expand...

From what I can tell, yes. It exploits (yet another) vulnerability in Windows, and in ALL versions of Windows.

Thanks for the info, and don't forget to install anti-virus and firewall in your computer, for those who doesn't have one.

I just disabled the preview pane....after all this time, I can't believe I didn't know that could be done! Duh!
Thanks for the information!

Thank you! I'll be sure to keep that in mind now.

This is billed as a temporary patch until M$ sorts it out. http://isc.sans.org/diary.php?storyid=1010

Thank you, Heidi!

I must have an outdated version of Outlook Express because I'm able to disable it.

Oh now I see why it wouldn't work because I was in a message. LOL duh!

Done. Thanks for the warning!

Originally Posted by valanhb

Sad thing is - yeah, pretty much. As the warning from my IT guy said - stick to sites you know and trust, and don't just click on any links you get in an email, even if it is from someone you know. They've gotten really good at spoofing email addresses, unfortunately.

Earl also found the Security Advisory from Microsoft. http://www.microsoft.com/technet/sec...ry/912840.mspx They are anticipating getting the patch done by NEXT Tuesday. OUCH!

Click to expand...

Yikes!!! Thanks for the warning!

Microsoft has beaten their forcasts and has released the Security Patch. Here is the Security Bulletin: http://www.microsoft.com/technet/sec.../MS06-001.mspx Use your Windows Update in the Start Menu to get the update.

Bumping. This is quite a relief to all of us!