On 18 Sep 2001, at 14:01, Jim Olsen wrote: > This is a cumulation of the information i've found on W32.nimda thus far: > > W32.nimda is NOT a code red variant, and the people who referring to it as > "Code Blue" were mistaken... [...] > EVERYONE who uses internet explorer to browse the internet should probably do > one of two things to stop from being automatically infected by W32.nimda (i > have not tested whether or not turning off javascript fixes the problem): > o) don't browse web pages until microsoft releases a patch > o) turn OFF javascript I was under the impression that the vulnerability that nimda exploits was known and has been patched (in May) <http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q290108> <http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms01-020.asp> >EVERYONE who uses outlook/outlook express should, at the very least, not open > any attachments that they are not expecting. THIS recommendation has nothing to do with nimda -- anyone who hasn't gotten *THIS* message yet is hopeless... Taking the opportunity to restate it here is OK, I guess, since a lot of folk jsut WONT get the message. > . Turning off auto-preview might > be a good idea as well. Why? /bernie\ -- Bernie Cosell Fantasy Farm Fibers mailto:bernieat_private Pearisburg, VA --> Too many people, too few sheep <-- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Sep 18 2001 - 16:36:03 PDT