Re: worried about W32.Bugbear or I-Worm

From: Bill Sanderson (bill_NoSpamSanderson@msn.com)
Date: 10/25/02 

From: "Bill Sanderson" <bill_NoSpamSanderson@msn.com>
Date: Fri, 25 Oct 2002 15:58:54 -0400

Here's Microsoft's article about this patch:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q329770

I've excerpted some of the Prevention part below.

If you are on stock IE6, you still need MS-02-023, it appears. In general,
you should apply any critical fixes that WindowsUpdate offers you.

You also need to subscribe to definition updates for your antivirus, and
keep them updated. The set of definitions which caught this one were issued
9/30 by several vendors. One user I work with was infected on 10/1, having
failed to update his definitions in time. Checking the definition updates
daily, or at each online session if they are less frequent than daily, isn't
unreasonable.

If it has been some time since you updated defs, you should check the whole
machine for virii--it's a good idea to do this regularly in any case--if a
"silent" virus has slipped through because the definitions didn't catch it,
you won't know about it unless you scan the whole drive once definitions are
in place.

Another way to get up-to-date checking of your machine is to use an online
antivirus check--a number of vendors offer these, but they can be
time-consuming, especially on a slow connection.

a.. This virus uses a previously announced vulnerability as part of its
infection method. Because of this, you must make sure that your computers
are patched for the vulnerability that is identified in Microsoft Security
Bulletin MS01-020. For more information about this bulletin, visit the
following Microsoft Web site:
  http://www.microsoft.com/technet/security/bulletin/MS01-020.asp
  1.. To obtain the most recent cumulative security patch for Microsoft
Internet Explorer, which includes the fixes for the vulnerabilities that
were announced in Microsoft Security Bulletin MS01-020, visit the following
Microsoft Web site:
  http://www.microsoft.com/technet/security/bulletin/MS02-023.asp
a..
  1.. If you are using Microsoft Outlook 2000 Service Release 1 (SR-1) or
earlier, install the Outlook E-mail Security Update patch to prevent this
virus, and the majority of other viruses that are borne by e-mail messages,
from running.

  Outlook 2000 Service Pack 2 (SP2) and Microsoft Outlook 2002 automatically
contain the functionality that is contained in the Outlook E-mail Security
Update patch.

  To install the Outlook E-mail Security Update patch for Outlook 2000 SR-1
or earlier, visit the following Microsoft Web site:
  http://office.microsoft.com/Downloads/2000/Out2ksec.aspx
a..
  1.. You can also configure Microsoft Outlook Express 6 to block access to
potentially damaging attachments.For additional information, click the
article number below to view the article in the Microsoft Knowledge Base:
  Q291387 OLEXP: Using Virus Protection Features in Outlook Express 6
  1.. Earlier versions of Microsoft Outlook Express do not contain
attachment-blocking functionality. Use caution when you open unsolicited
e-mail messages with attachments.

"nancy dice" <wonderful22@juno.com> wrote in message
news:e61501c27c59$5f78c8c0$3aef2ecf@TKMSFTNGXA09...
> subject lines on emails:"bad news; membership
> confirmation, Market L report and "Your gift." I am
> running Microsoft 98 windows and have upgraded to Explorer
> 6. Any other patches? Am I safe with this patch? Also
> running Norton anti-virus.