BubbleBoy Worm Not Yet in the Wild - Offers Only Potential Threat; ICSA.net Offers Tips to Prepare Now to Avoid New Vulnerability in the Future.RESTON, Va.--(BUSINESS WIRE)--Nov. 10, 1999-- ICSA See TruSecure. .net, the leading Internet security ''This article or section is being rewritten at Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software. assurance company today announced several fixes to network systems to prepare for the potential release of malicious code similar to the new "BubbleBoy" worm. It is important for computer users to understand that this new worm has not been released to the wild and currently only poses a theoretical risk. "BubbleBoy" has been written to affect Microsoft Outlook For the e-mail and news client bundled with certain versions of Microsoft Windows, see . Microsoft Outlook or Outlook (full name Microsoft Office Outlook and Microsoft Outlook Express running on Windows 95 and 98, Windows NT (Windows New Technology) A 32-bit operating system from Microsoft for Intel x86 CPUs. NT is the core technology in Windows 2000 and Windows XP (see Windows). Available in separate client and server versions, it includes built-in networking and preemptive multitasking. , Windows 2000 and possibly other email clients tied to Visual Basic Scripting. This worm represents a new twist in malicious software. This "proof of concept" worm, currently only distributed to anti-virus vendors, could unfortunately be copied and modified to include a dangerous payload. In an alert to ICSA.net TruSecure customers the following recommendations have been made to prepare for this "medium risk" virus. -- Install Microsoft's August 31 patch found at http://www.microsoft.com/security/Bulletins/ms99-032.asp Additional precautionary initiatives would include: -- Place a filtering mechanism at the organization's email gateway to stop email messages containing the subject line: "BubbleBoy is back!" -- Set the security setting for Internet Explorer Microsoft's Web browser, which comes with Windows starting with Windows 98. Commonly called "IE," versions for Mac and Unix are also available. Internet Explorer is the most widely used Web browser on the market. It has also been the browser engine in AOL's Internet access software. 5.0 to high -- If Windows Scripting is not needed, it should be un-installed -- Turn off Visual Basic Scripting capabilities if they are not needed -- Continue to promptly install virus scanner See antivirus program. updates -- Add "hta" and "vbs" to the list of extensions that virus scanners check. The best solution for proper performance of virus scanners would be to scan ALL files. -- Notify members of your organization that the existence of the and warn them to delete any e-mail message containing the following text: BubbleBoy is back! -- In the event this worm makes it to your machine you can manually remove it. To remove, simply delete the UPDATE.HTA (usually found in C:\WINDOWS\Start Menu\Programs\StartUp directory). About ICSA.net ICSA.net, a GartnerGroup affiliate, is an industry leader in the growth and improvement of Internet security. ICSA.net offers TruSecure security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the as well as multi-vendor, cross-industry product certification Product certification or product qualification is the process of certifying that a certain product has passed performance and/or quality assurance tests or qualification requirements stipulated in regulations such as a building code and nationally accredited test standards, programs. ICSA.net helps businesses reduce their information security risks and enables the expansion of Internet technology implementation. ICSA.net has used its leadership and expertise to support the growth of Internet business and commerce worldwide. ICSA Labs, a division of ICSA.net, facilitate information interchange among industry experts, manufacturers and developers of information security products. ICSA Labs manage product consortia and provides testing to increase the quality of products and to enhance computer and network security. Information Security magazine, published monthly by ICSA.net, is the industry's leading source for news, analysis, insight and commentary on today's infosecurity marketplace. Visit www.icsa.net for additional information. Editor's Note: Contact Barb Rose at brose n. 1. Pottage made by pouring some boiling liquid on meal (esp. oatmeal), and stirring it. It is called beef brose, water brose, etc., according to the name of the liquid (beef broth, hot water, etc.) used. @icsa.net to receive a detailed copy of the alert. |
|
Printer friendly
Cite/link
Email
Feedback
Reader Opinion