Re: Unwanted email messages

From: Larry Samuels MS-MVP XP \(Shell/User\) (larry_at_mvps.org)
Date: 09/20/03


Date: Sat, 20 Sep 2003 01:11:44 -0400


Hi Carolyn,
You are not infected--your email address has been harvested from other users
and from the newsgroups for attack by infected pcs.

The two worms mentioned are the same.

-- 
Larry Samuels MS-MVP  (Windows-Shell/User)
Associate Expert
Unofficial FAQ for Windows Server 2003 at
http://home.earthlink.net/~larrysamuels/WS2003FAQ.htm
Expert Zone - www.microsoft.com/windowsxp/expertzone
"Carolyn" <canels@bellsouth.net> wrote in message
news:0c8a01c37f34$4357a470$a101280a@phx.gbl...
> I had norton check my system and it did not find this
> virus. Is there a difference between the w32.Swen.A@mm
> and the W32/Swen@mm?
>
> >-----Original Message-----
> >This is a worm W32/Swen@MM
> >It doesn't matter what OS you are running--you would
> still be receiving the
> >emails from infected pcs.
> >
> >PSS Security Response Team Alert - New E-Mail Worm:
> W32/Swen@MM
> >
> >SEVERITY: MODERATE
> >DATE: September 18, 2003
> >PRODUCTS AFFECTED: Microsoft Outlook, Microsoft Outlook
> Express, and
> >Web-based e-mail
> >
> >*********************************************************
> *************
> >
> >WHAT IS IT?
> >W32/Swen@MM spreads via e-mail and network shares.  The
> Microsoft
> >Product Support Services Security Team is issuing this
> alert to advise
> >customers to be on the alert for this virus as it
> spreads in the wild.
> >Customers are advised to review the information and take
> the appropriate
> >action for their environments.
> >
> >IMPACT OF ATTACK: Mass Mailing, disabling processes
> related to security
> >software such as antivirus and firewall software
> >
> >TECHNICAL DETAILS:
> >For additional details on this worm from anti-virus
> software vendors
> >participating in the Microsoft Virus Information
> Alliance (VIA) please
> >visit the following links:
> >
> >Network Associates:
> >
> >http://vil.nai.com/vil/content/v_100662.htm
> >
> >Trend Micro:
> >
> >http://www.trendmicro.com/vinfo/virusencyclo/default5.asp
> ?VName=WORM_SWE
> >N.A
> >
> >Symantec
> >
> >http://securityresponse.symantec.com/avcenter/venc/data/w
> 32.swen.a@mm.ht
> >ml
> >
> >Computer Associates:
> >
> >http://www3.ca.com/virusinfo/virus.aspx?ID=36939
> >
> >For more information on Microsoft's Virus Information
> Alliance please
> >visit this link:
> http://www.microsoft.com/technet/security/virus/via.asp
> >
> >
> >Please contact your Antivirus Vendor for additional
> details on this
> >virus.
> >
> >
> >PREVENTION:
> >
> >1. This worm is exploiting a previously patched
> vulnerability.  The
> >vulnerability exploited is related to the following
> Microsoft Security
> >Bulletin:
> >http://www.microsoft.com/technet/security/bulletin/ms01-
> 020.asp
> >
> >As always, customers are advised to install the latest
> security patch
> >for Internet Explorer.  Information on the latest
> cumulative security
> >patch for
> >Internet Explorer can be found here:
> >http://www.microsoft.com/technet/security/bulletin/MS03-
> 032.asp
> >
> >2. Outlook 2000 post SP2 and Outlook XP SP1 include the
> most recent
> >updates to improve the security in Outlook and other
> Office programs.
> >This includes the functionality to block potentially
> harmful attachment
> >types. If you are running either of these versions, they
> will (by
> >default) block the attachment, and you will be unable to
> open it.
> >
> >To ensure you are using the latest version of Office
> click here:
> >http://office.microsoft.com/ProductUpdates/default.aspx
> >
> >By default, Outlook 2000 pre SR1 and Outlook 98 did not
> include this
> >functionality, but it can be obtained by installing the
> Outlook E-mail
> >Security Update. More information about the Outlook E-
> mail Security
> >Update can be found here:
> >
> >http://office.microsoft.com/Downloads/2000/Out2ksec.aspx
> >
> >Outlook Express 6 can be configured to block access to
> >potentially-damaging attachments. Information about how
> to configure
> >this can be found here:
> >
> >http://support.microsoft.com/default.aspx?scid=kb;en-
> us;Q291387
> >
> >Outlook Express all other versions: Previous versions of
> Outlook Express
> >do not contain attachment-blocking functionality. Please
> exercise
> >extreme caution when opening unsolicited e-mail messages
> with
> >attachments.
> >
> >Web-based e-mail programs: Use of a program-level
> firewall can protect
> >you from being infected with this virus through Web-
> based e-mail
> >programs.
> >
> >RECOVERY:
> >If your computer has been infected with this virus,
> please contact your
> >preferred antivirus vendor or Microsoft Product Support
> Services for
> >assistance with removing it.
> >
> >TECHNET SECURITY LINK:
> >http://www.microsoft.com/technet/security/virus/alerts/sw
> en.asp
> >
> >As always please make sure to use the latest Anti-Virus
> detection from
> >your Anti-Virus vendor to detect new viruses and their
> variants.
> >
> >If you have any questions regarding this alert please
> contact your
> >Microsoft representative or 1-866-727-2338 (1-866-
> PCSafety) within the
> >US, outside of the US please contact your local
> Microsoft Subsidiary.
> >Support for virus related issues can also be obtained
> from the Microsoft
> >Virus Support Newsgroup which can be located by clicking
> on the
> >following link
> >news://msnews.microsoft.com/microsoft.public.security.vir
> us.
> >
> >PSS Security Response Team
> >
> >-- 
> >Larry Samuels MS-MVP  (Windows-Shell/User)
> >Associate Expert
> >Unofficial FAQ for Windows Server 2003 at
> >http://home.earthlink.net/~larrysamuels/WS2003FAQ.htm
> >Expert Zone - www.microsoft.com/windowsxp/expertzone
> >
> >"Carolyn" <canels@bellsouth.net> wrote in message
> >news:0c1701c37f28$d16b5ec0$a101280a@phx.gbl...
> >> I installed windows XP Professional Upgrade on my
> >> computer two days ago. Ever since the upgrade was
> >> installed I am getting a minimum 70 emails in mu
> Outlook
> >> inbox referring to Microsoft Security and Patches. I
> have
> >> not opened any. After reach incident, I would delete
> the
> >> files and empty my recycle and delete folder, and run
> >> Norton with the live update. when I go back to the
> inbox,
> >> I am once again flooded with another round of
> junk/virus
> >> emails. Norton quarentines each because it cannot be
> >> repaired. Norton list the virus name
> >> as "Worm.automat.AHB" This is really getting on my last
> >> nerve because it is interrupting my business process. I
> >> went to Norton's website and Microsoft website,
> >> downloaded the patches and the problem still exist!
> What
> >> do I need to do. This problem didn't start until I
> >> upgraded to what I was told was a more secure OS?
> >
> >
> >.
> >


Relevant Pages

  • Re: TONS of virus emails!!!!
    ... Microsoft Outlook, Microsoft Outlook Express, and ... customers to be on the alert for this virus as it spreads in the wild. ... disabling processes related to security ...
    (microsoft.public.security.virus)
  • Re: MS Security Patch
    ... Microsoft Outlook, Microsoft Outlook Express, and ... customers to be on the alert for this virus as it spreads in the wild. ... disabling processes related to security ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Will e-mail virus kills itself?
    ... Microsoft Outlook, Microsoft Outlook Express, and ... customers to be on the alert for this virus as it spreads in the wild. ... disabling processes related to security ...
    (microsoft.public.security.virus)
  • Re: bogus ms contact w worm
    ... Microsoft Outlook, Microsoft Outlook Express, and ... customers to be on the alert for this virus as it spreads in the wild. ... disabling processes related to security ...
    (microsoft.public.security.virus)
  • Re: Phony MS email w. pack86.exe attachment
    ... PSS Security Response Team Alert - New E-Mail Worm: ... Microsoft Outlook, Microsoft Outlook Express, and ... customers to be on the alert for this virus as it spreads in the wild. ...
    (microsoft.public.security.virus)