heathrow42
3 castles down.. 2 to go!
- Joined
- Jan 26, 2002
- Messages
- 1,003
A new worm was identified within the last 24 hours. It affects the firewall software BlackIce and other software produced by ISS. This firewall is very commonly used by home/individual users. This worm has the potential to be very damaging, in that one of it's steps will write randomly to the harddrive causing corrupted files, and potentially crash into an unrecoverable state.
If you use BlackIce please download the appropriate patches, go offline and install them, then reboot your computer and you can go back online. The virus is not written to the harddrive (only to memory) so there aren't any files to delete after you reboot. The vulnerability it exploits was only recently discovered, so if you haven't patched within the last few weeks, there is a good probability that you are vulnerable or already infected.
For more information you can read the following alerts:
SANS: http://isc.sans.org/diary.html?date=2004-03-20
ISS: http://xforce.iss.net/xforce/alerts/id/166
US-CERT-GOV: http://www.us-cert.gov/current/current_activity.html#Witty
Mcaffee: http://vil.nai.com/vil/content/v_101118.htm
and download patches here:
http://blackice.iss.net/update_center/index.php
*Norton Anti-virus also released this week, that there is a vulnerability in their software. They advised users to run Live Update. The advisory can be found at the link below:
http://www.nextgenss.com/advisories/nisrce.txt
A non-techy news article can be found at:
http://news.com.com/2100-7355_3-5176442.html?tag=nefd_top
..and if you use Windows and haven't run an update (ever or recently) it's would be a really good idea to do that as well. Go to microsoft.com click on windows update in the left tool bar and follow the directions. Help make the internet a little more secure!
feel free to PM me if you need any help or have any questions
--Heather
If you use BlackIce please download the appropriate patches, go offline and install them, then reboot your computer and you can go back online. The virus is not written to the harddrive (only to memory) so there aren't any files to delete after you reboot. The vulnerability it exploits was only recently discovered, so if you haven't patched within the last few weeks, there is a good probability that you are vulnerable or already infected.
For more information you can read the following alerts:
SANS: http://isc.sans.org/diary.html?date=2004-03-20
ISS: http://xforce.iss.net/xforce/alerts/id/166
US-CERT-GOV: http://www.us-cert.gov/current/current_activity.html#Witty
Mcaffee: http://vil.nai.com/vil/content/v_101118.htm
and download patches here:
http://blackice.iss.net/update_center/index.php
*Norton Anti-virus also released this week, that there is a vulnerability in their software. They advised users to run Live Update. The advisory can be found at the link below:
http://www.nextgenss.com/advisories/nisrce.txt
A non-techy news article can be found at:
http://news.com.com/2100-7355_3-5176442.html?tag=nefd_top
..and if you use Windows and haven't run an update (ever or recently) it's would be a really good idea to do that as well. Go to microsoft.com click on windows update in the left tool bar and follow the directions. Help make the internet a little more secure!
feel free to PM me if you need any help or have any questions
--Heather
