Microsoft released three additional critical vulnerabilities affecting the Remote Procedure Call Service. This new patch fixes the previous issues that MSBlaster and other viruses and worms exploited, plus the new ones. Full details on how you can protect yourself from this new issue and steps you can take are located here: READ MORE…
Quick Rant: (View the previous ones)
226 is the amount of SoBig viruses, bounced "auto replies," "virus warnings" and "unknown user" messages I received today.
Tell your neighbor. Tell your Co-Workers. Tell your Family. Tell your Information Technology Manager. Tell your Network Administrator. Most importantly, tell yourself these items:
- "Do not send E-Mail attachments unless you send an additional E-mail that states that you did so and explain the contents!"
- "Do not open E-Mail attachments regardless of who sent them to you unless you can verify the contents!"
- "If you are compelled to open every single attachment you receive, install a virus scanner and keep it up to date!"
- "If you run an E-Mail server and graciously installed a scanner to protect your users, do not send out auto-reply messages pertaining to virus infected E-Mail! They are absolutely useless and create a massive denial of service attack worse than what you are trying to stop!"
Out of 13423 E-Mail messages I have sent out in recent history, not one of them had an attachment. If you ever get an attachment that appears to be from me, I did not send it to you and never open them. Period.
I do not run a personal virus scanner on my server, nor my E-Mail client. How I identify these malicious messages is located in my E-Mail Filtering Guide. A little education goes a long way toward stopping these type of attacks before they even get started.
To say again, Remote Procedure Call service is a critical vulnerability that you need to take care of. A solution is available.
The main indication of this is a 60 second shutdown counter just after connecting to the internet or "right after" an attack attempt. Many versions of Windows is affected, to include NT, 2000, XP and 2003. This affects computers directly connected to the internet and could cause the attacker to install code to do ANY sort of malicious activities. Exploits already exist! Upon examination of my firewall log files, I discovered that every two to five minutes, the vulnerable ports are being scanned. I have also included information on how you can temporarily stop the Remote Procedure Call service from automatically shutting down the computer while you attempt a resolution. READ MORE…
I have been flooded with E-Mail about Remote Procedure Call service shutting down peoples computers. I have a guess as to why this may be happening to you. READ MORE…
Well, I feel a little bit better. I received in the E-Mail another virus with two totally different files embedded. It seems as though the virus, like many before it, sucks up a few random files off of someone’s hard drive and sends it out with a bit of text from the document as the subject line.
This will have to be chalked up as a BIG coincidence. What is the odds of someone being infected with a virus, attaching my document to it… and then sending it to me? The odds would be nonexistent if people would use virus scanners or utilize my methods of virus identification in E-mail.
Seems as though the May 17, 2003 adventure of a virus using my motto [link removed] as a subject line was not enough. I received another virus today. This time it includes my services document and a batch file that is a virus. Many people have already opened this document as I have blocked the particular pictures included in the information and there is “many” instances of it appearing as denied in my server logs.
Obviously, my thoughts on May 17th of “this is a coincidence” are very incorrect.
Take note folks! This is the harassment that you will get if you openly express your opinion and offer your knowledge for free!
Warning: If you receive an E-Mail message from "firstname.lastname@example.org," with a size of 69 KB to 72 KB, do not open them. It is a virus that will spread to everyone in your address book (if you use OE).
So far, I have received the following subject lines today:
- Re: My application
- Re: Movie
- Re: My details
More information on how you can protect yourself from such an attack is located in the E-Mail Filtering Guide.
I hope this infestation does not get as out of hand as KLEZ did. One day, I received 12 viri from people (err, infected computers). It actually passed the amount of spam I was getting that day.
I must have hit the "big time": I received a virus in my E-mail today with the subject line of "Just Pure BV." If you have not guessed, that has been my motto for quite awhile now. Either I made someone angry and they are trying to tarnish my good name for the fun of it, or it is a major coincidence.
If you care, a screen shot is available [link removed]: (22 KB .gif)