New Virus to surpass Nimda and SirCam 'cause Badtrans is bad - real bad
Due to the extraordinary number of infected
files circulating around the net lately, a few words are in order about the
newest worm virus to hit the streets.
Expected to surpass both the Nimda and SirCam worms, W32.Badtrans.B@mm leaves
infected computers vulnerable to hacking by tracking what a user types.
Keystroke loggers record every detail of a computing session - literally every
key that is typed - so users can easily lose sensitive information, including
passwords and credit card numbers.
Badtrans comes to you as an email attachment that causes some versions of
Microsoft Outlook and Outlook Express to automatically launch the infected
attachment. In these instances, users don't have to double-click the
attachment to initiate the infection. Just by previewing it or reading the
email you can become infected.
Badtrans exploits a flaw in Internet Explorer, which is integrated into Outlook.
Under normal conditions, the affected feature lets users open HTML-based email
messages. In "geek speak" this means Badtrans uses the MIME header of a
message to fool Outlook into opening the attachment - thus
initiating the virus.
The subject line of emails containing Badtrans always varies. Many times the
subject line is blank, or it assumes the text of an unanswered email. The name
of the attachment varies as well, with suffixes including .doc, .pics, and
.news. However, in all instances the attachment will have one of the following
names: PICS, IMAGES, README, New_Napster_Site, NEWS_DOC, HAMSTER, YOU_ARE_FAT!,
SEARCHURL, SETUP, CARD, ME_NUDE, Sorry_about_yesterday, S3MSONG, DOCS, HUMOR,
FUN.
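The name list above can be used as a mail-filter check. The following Python is an added example, not part of the original advisory; the function names and the sample message are constructed for illustration, and it assumes the attachment's base name is the text before the first dot.

```python
import email
from email import policy
from email.message import EmailMessage

# Attachment base names listed in the advisory, upper-cased for comparison.
BADTRANS_NAMES = {
    "PICS", "IMAGES", "README", "NEW_NAPSTER_SITE", "NEWS_DOC", "HAMSTER",
    "YOU_ARE_FAT!", "SEARCHURL", "SETUP", "CARD", "ME_NUDE",
    "SORRY_ABOUT_YESTERDAY", "S3MSONG", "DOCS", "HUMOR", "FUN",
}


def suspicious_attachments(raw_message: bytes) -> list[str]:
    """Return the filenames of attachments whose base name is on the list."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():  # walk() also descends into nested multiparts
        filename = part.get_filename()
        if not filename:
            continue
        # Assumption: the base name is everything before the first dot, so
        # the varying suffix (or several suffixes) does not affect the match.
        base = filename.split(".", 1)[0].strip().upper()
        if base in BADTRANS_NAMES:
            hits.append(filename)
    return hits


def build_sample() -> bytes:
    """Constructed test message: blank subject, two listed names, two not."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = ""
    msg.set_content("see attachment")
    for name in ("Readme.doc", "funny.doc", "YOU_ARE_FAT!.news", "report.txt"):
        # Placeholder bytes only; no real attachment content is included.
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name in suspicious_attachments(build_sample()):
        print("quarantine:", name)
```

A name match is only a triage signal: the comparison is exact on the base name, so "funny.doc" is not flagged even though it starts with "FUN".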
THE FIX:
1.) Get the details at Symantec's Security Response site at:
http://securityresponse.symantec.com/avcenter/venc/data/w32.badtrans.b@mm.html
2.) Download the patch for Internet Explorer that will fix the email
vulnerability. The versions affected are IE 5.5 or below.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp
Compiled from various resources by:
"The KillerBrownDog" aka Howard J. McCoy