2004 Security Notifications & Virus Alerts Microsoft Windows Update Users running Microsoft Windows can use this link to get the latest updates available for your computer's operating system, software, and hardware. Microsoft Office Update Users running Microsoft Office 2000, 2002/XP, or 2003 can use this link to check for free updates that improve Office's stability and security. Symantec Security Response Users running Symantec or Norton Anti-Virus products can use this link to update anti-virus files and to learn about the latest virus threats. McAfee Security Headquarters Users running McAfee Anti-Virus products can use this link to update anti-virus files and to learn about the latest virus threats. Security Notifications July 22, 2004 -- Panda Software (Virus and Intrusion Prevention for your PC) This glossary is a brief dictionary of some of the technical terms used when talking about computer viruses and antivirus programs. It will help users better understand how viruses work, their characteristics, they techniques they use to infect computers and transmit themselves, etc. more June 1, 2004 Tips on creating and securing passwords - Tips for safeguarding your digital life: Create strong passwords Don't use easy-to-guess passwords such as "password," "1234," your username or any word that appearsin a dictionary. Don't use your pet's name, street address, date of birth, mother's maiden name, nickname or anythingeasily identifiable and thus easily guessed. Do combine numerals and letters. Use upper and lower cases along with special characters such as the exclamation point, if permitted. more January 15, 2004 How to Tell If a Microsoft Security-Related Message Is Genuine Microsoft regularly sends e-mail to subscribers of it's security e-mail notification services when it releases a Microsoft Security Bulletin. Unfortunately, malicious individuals have been known to send bogus bulletins that appear to be coming from Microsoft, a tactic known as spoofing. Some of these messages lure recipients to malicious websites to download malicious code, while others include a file attachment containing a virus. Learn What to Look For Fortunately, there are ways to spot the imposters. Here's how to verify that a Microsoft security-related message you receive is legitimate: The message contains no attachments. Authentic Microsoft Security Bulletin notifications never include software updates as attachments. The message is digitally signed. The Microsoft Security Response Center always signs its bulletin notifications before distributing them. The bulletin is listed on Microsoft.com. Microsoft never sends notices about security updates until after it publishes information about them on it's website. more Virus Alerts December 29, 2004 W32.Protoride.B is a worm that spreads through network shares and opens a back door that allows unauthorized access to a compromised computer. more December 26, 2004 Perl.Santy.B is a worm written in Perl script that attempts to spread to Web servers running versions of the phpBB 2.x bulletin board software prior to 2.0.11, which are vulnerable to the PHPBB Remote URLDecode Input Validation Vulnerability (BID 11672). It uses AOL or Yahoo search to find potential new infection targets. more December 19, 2004 W32.Mugly.C@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment to addresses gathered from the compromised computer. The worm also drops and runs a W32.Spybot.Worm variant. more December 11, 2004 VBS.Junkmail@mm is a generic VBS, mass-mailing worm, which copies itself to files on the C drive. more December 3, 2004 W32.Mugly.A@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment to the email addresses gathered from the infected computer. It also drops and runs a W32.Spybot.Worm variant, and may attempt to open a backdoor on the infected computer. more July 22, 2004 -- Bagle.AH is a worm that affects Windows XP/2000/NT computers only. Bagle.AH opens and listens to a TCP port, waiting for remote connections. By doing so, it allows hackers to gain remote control over the affected computer in order to carry out malicious actions that would compromise user's confidentiality or impede normal work. more June 8, 2004 -- W32.Svoy.A@mm is a mass mailing worm that uses Mapi.dll to send itself to the email addresses that it finds on your computer. The worm arrives in an email, with the subject line of "Message is not delivered" and a variable attachment name. The attachment will have a .exe file extension. more June 7, 2004 -- Trojan.Mitglieder.L is a trojan horse program that allows a compromised system to be used as an email relay. Systems compromised in this way are often used to relay spam. Trojan.Mitglieder.L also terminates processes associated with various antivirus and security applications. more June 3, 2004 -- Due to an increased rate of submissions, Symantec Security Response has upgraded this threat from a Category 2 to a Category 3 as of June 2, 2004. W32.Korgo.F is a minor variant of W32.Korgo.E. It is a worm that attempts to propagate by exploiting the Microsoft Windows LSASS Buffer Overrun Vulnerability (BID 10108) on TCP port 445. It also listens on TCP ports 113, 3067, and other random ports. more May 5, 2004 -- Sasser worm rips through Internet The fast-spreading computer worm Sasser has wreaked more havoc on computer users worldwide, affecting several businesses, banks and government offices, including Britain's Coastguard. Users of the Windows operating systems reported sluggish machines and computers that quit or rebooted for no reason. more January 27, 2004 -- W32.Novarg.A@mm is a mass-mailing worm that arrives as an attachment with the file extension .bat, .cmd, .exe, .pif, .scr, or .zip. This virus can potentially allow an attacker to connect to the computer and use it as a proxy to gain access to its network resources. In addition, the backdoor has the ability to download and execute arbitrary files. It also may be used to launch a Denial of Service attack. This virus is also known as "MyDoom." CNN.com reports that as many as 1 out of every 12 e-mails is currently infected with this virus. more January 12, 2004 -- Trojan.Xombe is a Trojan horse that has at least two components: a 4,096 byte downloader and a 27,136 byte Trojan. The downloader component will retrieve the Trojan file from a predetermined Web site. he download component has been distributed in an unsolicited email, purporting to be a security update for Windows XP, sent by Microsoft. more