New virus warning

[hilux]

Again, another major virus is doing the rounds on the Internet.  Our work network should be protected against this but it’s your home PC’s that this warning is for.

The Bagle series of Viruses (particularly the Bagle.Q version) are designed to infect your computers without you having to open any attachment even!  A brief description is below but more detailed information can be found on websites like www.sophos.com or www.nai.com.

PLEASE PLEASE PLEASE, if you have a home PC that connects to the internet, install a virus checker if you haven’t already (and don’t forget to update it regularly as well).  Several are available free, check out http://www.freebyte.com/antivirus/#scanners which lists a few.  I use the free one from www.grisoft.com (look for the AVG Free Edition button on the left hand side)  which includes free updates and is regarded as not to bad (for free software that is…)

Regards,

Steve

Virus Information

Please be aware that there is an email in circulation containing a URL link to the W32/Bagle.Q virus. When the email is opened, it will attempt to exploit a vulnerability in Microsoft Outlook and Outlook Express (MS03-040) and automatically download the virus, potentially from the machine the email was sent from

The vulnerability in question was identified several months ago and the patch is available from:

http://www.microsoft.com/security/security_bulletins/ms03-040.asp

The email may appear in your inbox with the following characteristics:

- The from field of the email will be spoofed

- The email is likely to pose as a warning notification

- The greeting text of the email is likely to include the recipients’ domain name

You should be particularly vigilant when receiving emails of this nature, especially if the email contains a link to a website. In particular, caution should be exercised when removing the email from the inbox of an un-patched machine, as viewing the email in the preview pane may bring about the download.

Protection can also be implemented by configuring your machine or firewall to block access to the Internet via TCP port 81.

The email may comprise the following subjects:

• Password: [recipient domain name]

• Pass - [recipient domain name]

• Password - [recipient domain name]

• E-mail account security warning.

• Notify about using the e-mail account.

• Warning about your e-mail account.

• Important notify about your e-mail account.

• Email account utilization warning.

• E-mail technical support message.

• E-mail technical support warning.

• Email report

• Important notify

• Account notify

• E-mail warning

• Notify from e-mail technical support.

• Notify about your e-mail account utilization.

• E-mail account disabling warning.

• Re: Msg reply

• Re: Hello

• Re: Yahoo!

• Re: Thank you!

• Re: Thanks

• RE: Text message

• Re: Document

• Incoming message

• Re: Incoming Message

• Re: Incoming Fax

• Hidden message

• Fax Message Received

• Protected message

• RE: Protected message

• Forum notify

• Request response

• Site changes

• Re: Hi

• Encrypted document