Re: Unwanted email messages
From: Larry Samuels MS-MVP XP \(Shell/User\) (larry_at_mvps.org)
Date: Sat, 20 Sep 2003 01:11:44 -0400
You are not infected--your email address has been harvested from other users
and from the newsgroups for attack by infected pcs.
The two worms mentioned are the same.
-- Larry Samuels MS-MVP (Windows-Shell/User) Associate Expert Unofficial FAQ for Windows Server 2003 at http://home.earthlink.net/~larrysamuels/WS2003FAQ.htm Expert Zone - www.microsoft.com/windowsxp/expertzone "Carolyn" <email@example.com> wrote in message news:firstname.lastname@example.org... > I had norton check my system and it did not find this > virus. Is there a difference between the w32.Swen.A@mm > and the W32/Swen@mm? > > >-----Original Message----- > >This is a worm W32/Swen@MM > >It doesn't matter what OS you are running--you would > still be receiving the > >emails from infected pcs. > > > >PSS Security Response Team Alert - New E-Mail Worm: > W32/Swen@MM > > > >SEVERITY: MODERATE > >DATE: September 18, 2003 > >PRODUCTS AFFECTED: Microsoft Outlook, Microsoft Outlook > Express, and > >Web-based e-mail > > > >********************************************************* > ************* > > > >WHAT IS IT? > >W32/Swen@MM spreads via e-mail and network shares. The > Microsoft > >Product Support Services Security Team is issuing this > alert to advise > >customers to be on the alert for this virus as it > spreads in the wild. > >Customers are advised to review the information and take > the appropriate > >action for their environments. > > > >IMPACT OF ATTACK: Mass Mailing, disabling processes > related to security > >software such as antivirus and firewall software > > > >TECHNICAL DETAILS: > >For additional details on this worm from anti-virus > software vendors > >participating in the Microsoft Virus Information > Alliance (VIA) please > >visit the following links: > > > >Network Associates: > > > >http://vil.nai.com/vil/content/v_100662.htm > > > >Trend Micro: > > > >http://www.trendmicro.com/vinfo/virusencyclo/default5.asp > ?VName=WORM_SWE > >N.A > > > >Symantec > > > >http://securityresponse.symantec.com/avcenter/venc/data/w > email@example.com > >ml > > > >Computer Associates: > > > >http://www3.ca.com/virusinfo/virus.aspx?ID=36939 > > > >For more information on Microsoft's Virus Information > Alliance please > >visit this link: > http://www.microsoft.com/technet/security/virus/via.asp > > > > > >Please contact your Antivirus Vendor for additional > details on this > >virus. > > > > > >PREVENTION: > > > >1. This worm is exploiting a previously patched > vulnerability. The > >vulnerability exploited is related to the following > Microsoft Security > >Bulletin: > >http://www.microsoft.com/technet/security/bulletin/ms01- > 020.asp > > > >As always, customers are advised to install the latest > security patch > >for Internet Explorer. Information on the latest > cumulative security > >patch for > >Internet Explorer can be found here: > >http://www.microsoft.com/technet/security/bulletin/MS03- > 032.asp > > > >2. Outlook 2000 post SP2 and Outlook XP SP1 include the > most recent > >updates to improve the security in Outlook and other > Office programs. > >This includes the functionality to block potentially > harmful attachment > >types. If you are running either of these versions, they > will (by > >default) block the attachment, and you will be unable to > open it. > > > >To ensure you are using the latest version of Office > click here: > >http://office.microsoft.com/ProductUpdates/default.aspx > > > >By default, Outlook 2000 pre SR1 and Outlook 98 did not > include this > >functionality, but it can be obtained by installing the > Outlook E-mail > >Security Update. More information about the Outlook E- > mail Security > >Update can be found here: > > > >http://office.microsoft.com/Downloads/2000/Out2ksec.aspx > > > >Outlook Express 6 can be configured to block access to > >potentially-damaging attachments. Information about how > to configure > >this can be found here: > > > >http://support.microsoft.com/default.aspx?scid=kb;en- > us;Q291387 > > > >Outlook Express all other versions: Previous versions of > Outlook Express > >do not contain attachment-blocking functionality. Please > exercise > >extreme caution when opening unsolicited e-mail messages > with > >attachments. > > > >Web-based e-mail programs: Use of a program-level > firewall can protect > >you from being infected with this virus through Web- > based e-mail > >programs. > > > >RECOVERY: > >If your computer has been infected with this virus, > please contact your > >preferred antivirus vendor or Microsoft Product Support > Services for > >assistance with removing it. > > > >TECHNET SECURITY LINK: > >http://www.microsoft.com/technet/security/virus/alerts/sw > en.asp > > > >As always please make sure to use the latest Anti-Virus > detection from > >your Anti-Virus vendor to detect new viruses and their > variants. > > > >If you have any questions regarding this alert please > contact your > >Microsoft representative or 1-866-727-2338 (1-866- > PCSafety) within the > >US, outside of the US please contact your local > Microsoft Subsidiary. > >Support for virus related issues can also be obtained > from the Microsoft > >Virus Support Newsgroup which can be located by clicking > on the > >following link > >news://msnews.microsoft.com/microsoft.public.security.vir > us. > > > >PSS Security Response Team > > > >-- > >Larry Samuels MS-MVP (Windows-Shell/User) > >Associate Expert > >Unofficial FAQ for Windows Server 2003 at > >http://home.earthlink.net/~larrysamuels/WS2003FAQ.htm > >Expert Zone - www.microsoft.com/windowsxp/expertzone > > > >"Carolyn" <firstname.lastname@example.org> wrote in message > >news:email@example.com... > >> I installed windows XP Professional Upgrade on my > >> computer two days ago. Ever since the upgrade was > >> installed I am getting a minimum 70 emails in mu > Outlook > >> inbox referring to Microsoft Security and Patches. I > have > >> not opened any. After reach incident, I would delete > the > >> files and empty my recycle and delete folder, and run > >> Norton with the live update. when I go back to the > inbox, > >> I am once again flooded with another round of > junk/virus > >> emails. Norton quarentines each because it cannot be > >> repaired. Norton list the virus name > >> as "Worm.automat.AHB" This is really getting on my last > >> nerve because it is interrupting my business process. I > >> went to Norton's website and Microsoft website, > >> downloaded the patches and the problem still exist! > What > >> do I need to do. This problem didn't start until I > >> upgraded to what I was told was a more secure OS? > > > > > >. > >