[50mhz] Re: [Yaesu] Interesting viruses at work

[W3UIO]

Good advice, Ray.
I just received this alert from Symantec:
    
WARNING: W32.Bugbear@mm 
Threat level:  Category 4 (Upgraded) 
Type: 
 Worm  
Virus Definitions: September 30, 2002 or later (via
LiveUpdate) 

What is W32.Bugbear@mm and how does it affect me?
Due to an increased rate of submissions, Symantec
Security Response has upgraded this threat from a
Category 3 to a Category 4 as of October 2, 2002. 
W32.Bugbear@mm is a mass-mailing worm. It can also
spread through network shares. It has
keystroke-logging and backdoor capabilities. The worm
also attempts to terminate the processes of various
antivirus and firewall programs.

Security Response has seen that because the worm does
not properly handle the network resource types, it may
flood shared printer resources, which causes them to
print garbage or disrupt their normal functionality.

The subject and attachment name of incoming emails are
randomly chosen. The attachment will have a double
extension ending in .exe, .scr, or .pif.

What action can I take from here?
Symantec Security Response posted virus definitions to
protect against this threat on September 30, 2002 (via
LiveUpdate). All users of Norton AntiVirus who do not
have up-to-date virus protection should immediately
run LiveUpdate for protection from W32.Bugbear@mm. 

Virus definitions are available via the LiveUpdate
feature in the Norton AntiVirus product or the
Symantec Security Response Web site.

Symantec Security Response encourages all Norton
AntiVirus users to regularly download virus
definitions in order to protect against future
threats. For more information on how to run
LiveUpdate, please click here.

Sincerely,

Symantec Security Response Team
Symantec Corporation
 
 
--- Ray Brown <raybrown@ipa.net> wrote:
>   I've had some interesting viruses sent to me here
> lately. These are about 70k big, and they're called
> the BugBear Worm.
> Several have been sent to the various lists, as well
> as to individual members. Let me state for the
> record, NONE OF THE
> VIRUSES THAT WERE SENT DIRECTLY TO THE LISTS WERE
> PASSED ON TO YOU !!! If you've gotten a virus, it
> came from someone that
> had your Email address in his/her Address Book. And,
> the Klez.H worm is still out there, it's 128k big,
> got 2 of those here
> today (along with about 5 of the BugBears).
> 
>   Watch your 6, folks, and turn your Preview Window
> OFF first before looking at your messages. If the
> message is 70k, or
> around 128k, do NOT NOT NOT click on it with your
> preview window on, just DELETE IT !!!!
> 
>   Good luck, everyone!
> 
>                 _Ray_        KB�STN


=====
Larry, W3UIO

__________________________________________________
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo!
http://sbc.yahoo.com