LAB NOTES

LAB NOTES

Virtual chastity belt. Microsoft Corp. last month released a patch that takes two radical measures to reduce the risk of future widespread infestations by the ILOVEYOU worm and similar bugs.

The patch, posted at officeupdate.microsoft.com, bars Microsoft Outlook users from opening e-mail attachments bearing these file extensions: .ade, .adp, .asx, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe, .hlp, .hta, .inf, .ins, .isp .js, .jse, .ink, .mdb, .mde, .msc, .msi, .msp, .mst, .pcd, .pif, .reg, .scr, .sct, .shs, .url, .vb, .vbe, .vbs, .wsc, .wsf and .wsh.

Although the patch should protect against bugs that infect systems' address books, it may be too restrictive. Some legitimate programs also access address books.

Virus update. Researchers at the Symantec Corp. AntiVirus Research Center in Cupertino, Calif., have found a new and more dangerous variant of the Love Bug called VBS.LoveLetter.FW.A.

This e-mail worm copies itself over files on an infected computer, rendering it inoperable, and will spread to other networked computers as well as clog mail servers. SARC categorizes it as a Level 4 threat, Level 5 being the most dangerous.

SARC recommends filtering and screening out any e-mail with a subject line that shows the letters FWD for a forwarded message.

SARC also classified another recent virus as a Level 4 threat. The W97M.Melissa.BG virus replicates itself in Outlook into an attachment titled w97.resume.a or Resume-Janet Simons with the attachment resume.doc.

This fast-moving bug has an unusual payload.

It deletes the following critical files when the attachment is closed: c:\*.*, c:\my documents\*.*, c:\windows\*.*, c:\windows\system\*.*, c:\winnt\
*.* and c:winnt\system32\*.*.

To avoid losing everything on your hard drive, SARC recommends you filter out the subject line and attachment names so you don't receive the phony resume attachment.

For more information, see the latest virus updates at www.symantec.com.

Portable peripheral Twister. CD CyClone Duplication LLC of Lake Forest, Calif., has released one of the first portable CD-rewritable drives for the 100- to 400-Mbps FireWire interface.

The CDRevo also is available with a Universal Serial Bus connection to interface with Macintoshes and PCs.

The $300 USB drive records and rewrites at 4X speed and reads at 32X. The $400 FireWire version records at 12X, rewrites at 4X and reads at 32X, making this drive faster than many SCSI-3 internal drives.

'Carlos A. Soto

E-mail: csoto@gcnlab.com

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above