Re: Unwanted email messages

From: Carolyn (canels_at_bellsouth.net)
Date: 09/20/03 

Date: Fri, 19 Sep 2003 22:01:34 -0700

I had norton check my system and it did not find this
virus. Is there a difference between the w32.Swen.A@mm
and the W32/Swen@mm?

>-----Original Message-----
>This is a worm W32/Swen@MM
>It doesn't matter what OS you are running--you would
still be receiving the
>emails from infected pcs.
>
>PSS Security Response Team Alert - New E-Mail Worm:
W32/Swen@MM
>
>SEVERITY: MODERATE
>DATE: September 18, 2003
>PRODUCTS AFFECTED: Microsoft Outlook, Microsoft Outlook
Express, and
>Web-based e-mail
>
>*********************************************************
*************
>
>WHAT IS IT?
>W32/Swen@MM spreads via e-mail and network shares. The
Microsoft
>Product Support Services Security Team is issuing this
alert to advise
>customers to be on the alert for this virus as it
spreads in the wild.
>Customers are advised to review the information and take
the appropriate
>action for their environments.
>
>IMPACT OF ATTACK: Mass Mailing, disabling processes
related to security
>software such as antivirus and firewall software
>
>TECHNICAL DETAILS:
>For additional details on this worm from anti-virus
software vendors
>participating in the Microsoft Virus Information
Alliance (VIA) please
>visit the following links:
>
>Network Associates:
>
>http://vil.nai.com/vil/content/v_100662.htm
>
>Trend Micro:
>
>http://www.trendmicro.com/vinfo/virusencyclo/default5.asp
?VName=WORM_SWE
>N.A
>
>Symantec
>
>http://securityresponse.symantec.com/avcenter/venc/data/w
32.swen.a@mm.ht
>ml
>
>Computer Associates:
>
>http://www3.ca.com/virusinfo/virus.aspx?ID=36939
>
>For more information on Microsoft's Virus Information
Alliance please
>visit this link:
http://www.microsoft.com/technet/security/virus/via.asp
>
>
>Please contact your Antivirus Vendor for additional
details on this
>virus.
>
>
>PREVENTION:
>
>1. This worm is exploiting a previously patched
vulnerability. The
>vulnerability exploited is related to the following
Microsoft Security
>Bulletin:
>http://www.microsoft.com/technet/security/bulletin/ms01-
020.asp
>
>As always, customers are advised to install the latest
security patch
>for Internet Explorer. Information on the latest
cumulative security
>patch for
>Internet Explorer can be found here:
>http://www.microsoft.com/technet/security/bulletin/MS03-
032.asp
>
>2. Outlook 2000 post SP2 and Outlook XP SP1 include the
most recent
>updates to improve the security in Outlook and other
Office programs.
>This includes the functionality to block potentially
harmful attachment
>types. If you are running either of these versions, they
will (by
>default) block the attachment, and you will be unable to
open it.
>
>To ensure you are using the latest version of Office
click here:
>http://office.microsoft.com/ProductUpdates/default.aspx
>
>By default, Outlook 2000 pre SR1 and Outlook 98 did not
include this
>functionality, but it can be obtained by installing the
Outlook E-mail
>Security Update. More information about the Outlook E-
mail Security
>Update can be found here:
>
>http://office.microsoft.com/Downloads/2000/Out2ksec.aspx
>
>Outlook Express 6 can be configured to block access to
>potentially-damaging attachments. Information about how
to configure
>this can be found here:
>
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;Q291387
>
>Outlook Express all other versions: Previous versions of
Outlook Express
>do not contain attachment-blocking functionality. Please
exercise
>extreme caution when opening unsolicited e-mail messages
with
>attachments.
>
>Web-based e-mail programs: Use of a program-level
firewall can protect
>you from being infected with this virus through Web-
based e-mail
>programs.
>
>RECOVERY:
>If your computer has been infected with this virus,
please contact your
>preferred antivirus vendor or Microsoft Product Support
Services for
>assistance with removing it.
>
>TECHNET SECURITY LINK:
>http://www.microsoft.com/technet/security/virus/alerts/sw
en.asp
>
>As always please make sure to use the latest Anti-Virus
detection from
>your Anti-Virus vendor to detect new viruses and their
variants.
>
>If you have any questions regarding this alert please
contact your
>Microsoft representative or 1-866-727-2338 (1-866-
PCSafety) within the
>US, outside of the US please contact your local
Microsoft Subsidiary.
>Support for virus related issues can also be obtained
from the Microsoft
>Virus Support Newsgroup which can be located by clicking
on the
>following link
>news://msnews.microsoft.com/microsoft.public.security.vir
us.
>
>PSS Security Response Team
>
>--
>Larry Samuels MS-MVP (Windows-Shell/User)
>Associate Expert
>Unofficial FAQ for Windows Server 2003 at
>http://home.earthlink.net/~larrysamuels/WS2003FAQ.htm
>Expert Zone - www.microsoft.com/windowsxp/expertzone
>
>"Carolyn" <canels@bellsouth.net> wrote in message
>news:0c1701c37f28$d16b5ec0$a101280a@phx.gbl...
>> I installed windows XP Professional Upgrade on my
>> computer two days ago. Ever since the upgrade was
>> installed I am getting a minimum 70 emails in mu
Outlook
>> inbox referring to Microsoft Security and Patches. I
have
>> not opened any. After reach incident, I would delete
the
>> files and empty my recycle and delete folder, and run
>> Norton with the live update. when I go back to the
inbox,
>> I am once again flooded with another round of
junk/virus
>> emails. Norton quarentines each because it cannot be
>> repaired. Norton list the virus name
>> as "Worm.automat.AHB" This is really getting on my last
>> nerve because it is interrupting my business process. I
>> went to Norton's website and Microsoft website,
>> downloaded the patches and the problem still exist!
What
>> do I need to do. This problem didn't start until I
>> upgraded to what I was told was a more secure OS?
>
>
>.
>

Relevant Pages