| I A C Webservices Quality Service Providers Since 1996 |
|
| IAC Home | Web Hosting | Applications | Email Solutions | Contact Us | |
Company Info Virus Level |
Notice of new security related issues; viruses, resources, information & downloads. 02_07_08 - Passing the torch. Most of this discussion has moved to this IACL.ORG site. 08_18_05 - New Windows Virus Threat Zotob, Bozori and IRCbot and Bagle all have been running rampant causing computers, especialy Windows 2000 machines to become infected through an opening in Plug and Play that allows the virus to issue a remote mis-configured command over the Internet to gain elevated privilege w/o any interaction on the part of the computer user required. Read more information and a dowload a patch at Microsoft's WINDOWS 2000 Plug & Play Security Flaw page. If your computer is acting strangly, be sure to identify and remove whatever it may be in order to cleanly apply Windows patches. You will need to be at Service Pack 4 to apply this patch.(KB899588) 05_10_05 - Sober Virus Removal If you have been seeing strange spam it's possible Sober is on your system or that of a friend or associate. Here is a link to a Sophos page with some more information. Here is a link to a Sophos page with removal utility. This virus has been getting into computers (especially Windows XP) causing an infected machine to quietly retransmit the virus to scrambled variations of contacts found in your address book. This virus has it's own email server built in thus avoiding any possible contact with your ISP. 04_13_05 - Microsoft Security Updates. Microsoft informs of a number of product update patches it released on April 12th, 2005. Click here for an MS-Word doc that summerizes these. This is for manual update afficiandos i.e. those who do not allow "Automatic Updates" to run on their Windows based computers. We could not find anything of immediate serious concern so do not add any of these patches (MS05-016 through MS05-023) at present to our Resources page. 04_13_05 - Fake Microsoft Download. Be on guard against phony Microsoft updates that are really a virus. These professional-looking emails are easy to get fooled by. See How to Tell If a Microsoft Security-Related Message Is Genuine. In brief make sure the domain name of the website you are visiting is spelled correctly. ALL IT TAKES is a couple of letters inverted or just plain wrong ex: www.micrcsoft.com and you are visting the wrong site. 01_22_05 - January Security Notices. ITEM: Microsoft have discovered a security concern for Internet Explorer ver. 6.0 involving bypassing IFRAME prompting. You can effect IFRAME handling in the Start/Control Panel/Internet Options/Security Tab. These setting allow you to manually force greater security on your computer and are discussed in more detail at Internet Options. ITEM: http://www.mozilla.org/. Mozilla Firefox has finally released version 1.0 of their webbrowser prroduct. As an alternate webbrowser to Internet Explorer, Firefox comes secured while still being able to freely surf the web. At 4.7 MB is reasonably fast to down, quick and free for use. ITEM: AdAware from LavasoftUSA is a 2.6 MB download Spyware removal program with Auto-Update feature that is for personal computer users. Download AdAware Version 6. ITEM: A compiled JPEG graphic of "Internet Options" with our selected choices for "best practice" is available here. 10_14_04 - MS Updates Microsoft discusses 10 patches (MS04-029 through MS04-038) which contain 21 identified vulnerabilities ranging from affecting just Windows NT SP6A to all systems including NT, 2000, XP and 2003. We have identified that most of these (with the notable exception of MS04-038IE Cumulative IE Update) are not currently being exploited on the Internet, although a few have demonstrated some degree of public disclosure or proof code. Contact us for more information. 11_29_04 - December is Password Update Month. We've recently completed an accounts and password overhaul to provide higher security with complicated passwords and specific user accounts. ITEM: Time to go through your machine(s) users list and remove old/inactive accounts. ITEM: Generate a Password Enhancement Sheet and start to use different hard to guess passwords on different computers you use. This minimizes the chance of one compromised machine giving up valid password information that can be used to directly access other machines by hackers. ITEM: Microsoft recommends that you remain logged off - i.e. no administrator privileges account logged in. You can use the "run as" command to manually start needed programs and "services" from a low privilege user account or set each to run as a "system service" so that the machine can be completely logged off. ITEM: Microsoft recommends that you rename the default "Administrator" account. Many hacker scan attempts try to start the compromise process by seeing if there is an "Administrator" user. 10_14_04 - MS Updates Microsoft discusses 10 patches (MS04-029 through MS04-038) which contain 21 identified vulnerabilities ranging from affecting just Windows NT SP6A to all systems including NT, 2000, XP and 2003. We have identified that most of these (with the notable exception of MS04-038IE Cumulative IE Update) are not currently being exploited on the Internet, although a few have demonstrated some degree of public disclosure or proof code. Contact us for more information. 07_14_04 - Patch Page Updated We have updated our Microsoft Windows resources patch page and have arranged new and existing Outlook related material into it's own section under the main IAC support page. We hope this helps sort out the various resources into more easily findable sections that will allow you to quickly find the information and patch links you need to secure your Windows Operating Environment. 07_07_04 - Download.Ject Microsoft have identified the attack vector of recent weeks (malicious code at certain public websites) and have issued a security patch to rectify this situation. See this Microsoft.com Security Page. 05_19_04 - Virus Update ITEM: A fast to download Anti-Virus program that can be set to check all files and delete or report on the 45 or so most common "in the wild" viruses is available for download at NAI Stinger. This program is regularly updated so check for the latest version if your copy is more than a few days old. ITEM: It is absolutely necessary to make sure your anti-virus program is regularly updating it's virus profile on a daily basis. Most Anti-Virus programs have a scheduler or auto-update feature that can be set. ITEM: Virus propegation through SPAM messages, Virus wars and distributed SPAM continue to plauge the Internet as never before. The links at top provide more information on how to better protect your business computers from Virus infectation through good practice, Operating System Patching and enchanced Outlook/Internet Explorer Security. 02_17_04 - Threat Assessment Update System Since the beginning of February elevated virus levels have been encountered 10 of the last 17 days. With new viruses almost continually appearing and being distributed as SPAM we are seeing unprecedented levels of viruses being blocked at out Network Perimeter. Our simple red, orange, green indicating system will give you an idea of what we are encountering. These types of problems clog email, slow down systems and wreak havoc at the end-user's Outlook program. We recommend that everyone reading this upgrade and or check their anti-virus software and make sure it is evenly distributed across your network of computer systems. 02_13_04 - Portions of Microsoft Code Released Sections of Microsoft's Windows 2000 Operating System system were discovered to be floating around on the Internet. This security breach allows malicious users to view portions of Microsoft's native, uncompiled code and possibly write/modify more dangerous viruses. 02_05_04 - MY_DOOM/W32 This virus is out in the wild in force. Although we are attempting to contain it at our perimiter be advised this dangerous virus continues to pose problems for Outlook Users. Please patch your Internet Explorer (below). There are additional security precautions you must take. In Outlook settings to send and view email as TEXT ONLY (Tools/Options/Send). In Start/Settings/Control Panel/Internet Options/Security/Custom Settings is a list of items you should set to "PROMPT" i.e. ActiveX, Java, Script Code, etc. If you are having problems with Outlook itself we suggest you reinstall your software and or take additional precautionary measures as might be suggested by the product manufacturer, Microsoft. www.microsoft.com 02_04_04 - EMAILS WITH VIRUS MYDOOM/W32 IAC scans for and attempts to stop any and all viruses from entering and leaving at the perimiter of our Network. We feel that it is very necessary to stop the proliferation of dangerous viruses such as the MyDoom/W32 variant. We, by necessity, delete messages that are discovered to contain a virus. If you are encountering problems with email it may be in part to this virus being detected or possibly your system has become compromised. This virus specifically targets the Outlook product and we encourage you to patch and or otherwise manually upgrade it's security settings. 02_03_04 - NEW IE 6 PATCH Microsoft have issued a new patch for Internet Explorer Ver. 6. at KB832894. This patch corrects a lot of errors, mostly to do with visiting websites that contain malicious code. Of particular interest is the dissabling of this IE 6. supported login format username:password@Server/Host Also please consider these words from page 6 of 17 of the MS04-004 expanded document. (Bolding is from Microsoft)"If you are using Outlook 2002 or Outlook Express 6.0 SP1 or later, read e-mail messages in plain text format to help protect yourself from the HTML e-mail attack vector."We'd like to add to that that while you are in there to also select "Text Only" for outgoing mail. HTML in email messages instantly increases your SPAM likeliness and is a bad idea. Consider the following default setup for at least one popular email filter system: To determine SPAM any incoming message is assigned a score of 1 to 90 based on varying factors. An HTML component instantly assigns a score of 50 to the message thus weighting it more towards being detected as SPAM. 11_11_03 - Workstation Service Patch Click KB828749 for an important update for Windows 2000 users running Workstation Service (It's on by default). October is Defragmentation Month at IAC 10/09/03 With all the discussion about Viruses its easy to forget that one of the major ways to lose an otherwise fine Windows operating environment is to ignore your hard disk. Regular daily computer usage WILL cause Windows to mis-allocate locations on disk, becoming more of a problem resulting in an unstartable operating system. In Windows 2000, a disk defragmenter is built in just click Start/Programs/Accessories/System Tools/Disk Defragmenter. Windows NT will need a 3rd party defragmenter such as are included with Norton Utilities. Internet Explorer q822925 patch 09/03/03 Microsoft have updated the June Internet Explorer (IE) cumulative patch to include some new vulnerabilities. Download IE patch for your version of IE/Windows. Stinger Virus Removal Utility 08/28/03 Network Associates "Stinger" is a frequently updated, fast and easy to use utility that will scan and clean for 30 major viruses. Download Stinger from NAI site. Spoofed From Address Bounces 08/25/03 If you have recieved bounce messages referring to otherwise unknown message recipients it is because the latest SPAM and Virus techniques involve spoofing your valid email addresses as the "from" line in an attempt to sow as much confusion as possible. These, in many cases, have nothing to do with your email client, network or POP3/SMTP service provider or ISP other than to recieve an auto-bounce message. Please disregard these messages. Watch out for phony patches (from Sophos Antivirus) 08/16/03 "Sophos advises users never to trust security patches that come attached to emails - even if they appear to come from reputable sources. The correct place to download a patch is from the vendor's website. In addition, under no circumstances should users forward this type of message to their friends and colleagues, thinking they are helping them. In the case of patching against the Blaster worm vulnerability, users should visit Microsoft's website at www.microsoft.com. SECURING WINDOWS 2000/NT/XP 08/12/03 There is a serious security risk on all systems running NT/Win2K or XP that are connected to the Internet, even through a firewall. All Windows Systems have service packs and security patches that will greatly enhance the security of your computer. Go to Microsoft's site today for MS03-026 (It should not be hard to find). Be sure to also check and upgrade your Operating System's Service Pack. (Double Click "My Computer/Help/About Windows") Even versions of Internet Explorer have security packs, IE 6 is at SP1 and there is a security patch for IE6/SP1 issued 5/28/03. To take safeguarding your computer a step further, tell Windows to block unused TCP IP Ports: In Networking/TCPIP Properties/Advanced/Options Tab/TCPIP Filtering is a column you can add the following ports for most office configurations. Check "Permit Only" and add 21, 25, 53, 80, 110 and 443. This will cover web, email and FTP ports. All others will be blocked. Note Remote Control Operation Ports as follows: P.C. Anywhere 5631 and 5632, Terminal Services 3389, Timbuktu Pro 1417, 1418, 1419 and 1420. As of this publishing, powerful new viruses borne on the recent discovery of the MS03-026 security risk are almost daily appearing and making their presence felt on unpatched machines. The above steps, executed as well and complete as possible will make your computer immune to many common exploits (Viruses). Be sure to patch your Notebook as well. WINDOWS DCOM/RPC 08/07/03 Microsoft Windows DCOM/RPC (Distributed Com Object Modeling and Remote Procedure Call) suffer serious security flaws that need to be patched in Windows NT and Windows 2000. Please visit Microsoft site for more information on MS03-026. VBS_LISA.A 04/04/03 If you see any email in your inbox with any reference to clicking or opening the message if you are against the War, please don't as this is a Visual Basic Script based Virus that will attack your Outlook Email. VIRUS HOAX RESOURCES 04/03/03 Here are some useful Links to lists of Virus Related Hoaxes. If you see a virus message or alert calling on you to do some action such as alert your email list or remove a file from your system, Check here first. vil.nai.com/VIL/hoaxes.asp www.trendmicro.com/vinfo/hoaxes/hoax.asp Top Windows & UNIX Server Security Problems 03/19/03 SANS Organization has published a very useful paper describing the TOP 20 Windows & UNIX server vulnerabilities. This top-down view to the issue of server security, complete with links to resources is fairly comprehensive, well written and easy to follow in it's approach. Download and print-out your copy today at www.sans.org/top20. |
© Copyright 2009 All rights reserved. IAC Webservices, LLC |
