-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Friday, January 03, 2003 8:29 AM To: Cyber Threats Subject: [Cyber_threats] Daily News 01/03/03 January 2, Sydney Morning Herald Word macro virus W97M.Killboot. Anti-virus software maker Symantec has put out an advisory about a new macro virus for Microsoft Word. The virus, named W97M.Killboot, infects a currently active document and the Normal.dot template when an infected document is closed. Once this template is infected, clean documents will be infected when they are closed. It creates the file C:\Setver.exe, which the Symantec anti-virus products detect as Trojan.Killboot. If Trojan.Killboot is run, it writes the viral code into the Master Boot Record; this can overwrite the MBR on all physical hard drives with zeroes. Users should update their anti-virus software and scan and repair infected files. Source. http://www.smh.com.au/articles/2003/01/02/1041196723788.html Virus: #1 Virus in USA: WORM_KLEZ.H Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports:137(netbios-ns); 1433(ms-sql-s); 80(http); 445(microsoft-ds); 139(netbios-ssn); 53(domain); 21(ftp); 4662; 25(smtp); 27374(asp) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Cyber_Threats mailing list Cyber_Threats@listserv http://listserv.infragard.org/mailman/listinfo/cyber_threats
This archive was generated by hypermail 2b30 : Fri Jan 03 2003 - 18:56:45 PST