The Computer Guys

Miami to Fort Lauderdale Since 1994 - Thank You!

 

 

We Build the Best & Repair the Rest! ©

 

Alerts November 2004

FAQ Search Virus Alerts Hardware Faqs

 

 

Computer Repair
PC Maintenance
Disaster Recovery
SpyWare Removal
Company Profile
Disclaimer
Contact Information
Home Users

 

 


March 2004 August 2004 November 2004 October 2004 April 2004 July 2004 Virus Alert Calendars May 2004 September 2004 June 2004 January 2004 February 2004 Alerts 2003 Alerts Jan 2004 Alerts Feb 2004 Alerts March 2004 Alerts April 2004 Alerts Top 10 May 2004 Alerts Top10 June 2004 Alerts Top 10 July 2004 Alerts August 2004 Alerts September 2004 Alerts Oct 2004 Alerts November 2004 Alerts December 2004

 

 

 

 

Top 10 malware reported to Sophos in November 2004

Position Last
month		 Malware Percentage of reports
1 1 W32/Netsky-P
   24.2%
2 New W32/Sober-I
   20.4%
3 2 W32/Zafi-B
   17.9%
4 New W32/Bagle-AU
   11.0%
5 3 W32/Netsky-D
   4.4%
6 4 W32/Netsky-Z
   3.9%
7 5 W32/Bagle-AA
   2.6%
8 6 W32/Netsky-B
   2.4%
9 8 W32/MyDoom-O
   2.2%
10 7 W32/Netsky-Q
   2.1%
Others 8.9%

 

Exploit-IframeBO is located on VIL at: http://vil.nai.com/vil/content/v_129629.htm

 

  

November 04, 2004 (IDG News Service) -- Microsoft Corp. is investigating reports of a serious security flaw in Internet Explorer but has not yet seen malicious code that exploits the reported vulnerability.

Security experts earlier this week warned that code exploiting a newly discovered security hole in Internet Explorer is circulating on the Internet. The code exploits a buffer overflow vulnerability in Internet Explorer 6 and has been confirmed on PCs running Windows XP with Service Pack 1 and Windows 2000, according to Danish security company Secunia.

The U.S. Computer Emergency Readiness Team (CERT) issued an alert similar to the Secunia advisory. CERT warns that in addition to the Web browser, applications such as e-mail clients that rely on browser controls may also be vulnerable. Attackers could gain complete control of a victim's computer by exploiting the flaw, according to Secunia and CERT.

 

more..
 

W32/Mydoom.ag@MM is located on VIL at: http://vil.nai.com/vil/content/v_129630.htm

 

  

A new version of MyDoom uses an unpatched flaw in Microsoft's Internet Explorer to spread, antivirus companies warned on Monday.

 

The recently discovered vulnerability in the browser software allows the offshoot to infect a PC after a user clicks on a link, according to advisories from security software makers Symantec and McAfee. The program sneaks past antivirus applications that detect malicious software by scanning e-mail messages with attached programs.

 

The companies said they had only detected a few instances of the infector, which is labelled MyDoom.AG by McAfee and MyDoom.AH by Symantec.

 

more...

 

Information about W32/Golten.worm is located on VIL at: http://vil.nai.com/vil/content/v_129974.htm

 

Information about Exploit-MS04-032!gdi is located on VIL at:

http://vil.nai.com/vil/content/v_129471.htm

 

  

A worm which exploits curiosity about the death of Yasser Arafat is the first to exploit the known Extended MetaFiles vulnerability.

 

Aler is a network worm that was widely bulk-mailed with the subject "Latest News about Arafat!!!". These infected emails had two attachments, one a clean JPEG file and the other an infected EMF file, according to anti-virus firm F-Secure.

 

The EMF file exploits a well-known Windows vulnerability (MS04-032) to install the worm onto systems when the attachment is opened.

 

more...

 
Read About It

 

Information about W32/Yanz.a@MM is located on VIL at: http://vil.nai.com/vil/content/v_130045.htm

 

Information about W32/Yanz.b@MM is located on VIL at: http://vil.nai.com/vil/content/v_130137.htm

 

Information about W32/Anzae.a@MM is located on VIL at: http://vil.nai.com/vil/content/v_130139.htm

 

Information about W32/Anzae.b@MM is located on VIL at: http://vil.nai.com/vil/content/v_130140.htm

 

Information about W32/Anzae.c@MM is located on VIL at: http://vil.nai.com/vil/content/v_130141.htm

 

  

Five new worms target surfers
November 23, 2004
Claire Woffenden

 

An Asian pop star has joined the ranks of David Beckham, Anna Kournikova, Jennifer Lopez and Britney Spears by having two viruses written for her.
 


Two new email worms are attempting to exploit fans of Singapore-born singer Stefanie Sun Yanzi, said to be a big name star in Asia.
 


The Favsin-A worm begs the singer to contact the virus writer, while the Yanz-A worm spreads via email posing as the video or MP3 music file of one of Sun Yanzi's popular hits

 

more...

 

 

 

Email worm poses as Osama videogram
 

Emails claiming to contain video clips of terrorist mastermind Osama bin Laden are likely to be example of a new computer worm.

The Famus-F worm normally arrives in the form of a bilingual English and Spanish email, with the subject line "More terrorism this year". The message body states: "Last speech from Bin Laden. Please forwards this video to everybody." and includes a password - "cnn".
 

Read more here...

 
 

 

W32/Bagle-AU is an email and peer-to-peer worm.

 

W32/Bagle-AU attempts email itself to addresses harvested from the infected machine, as well as copying itself to file-sharing folders.

 

W32/Bagle-AU will also attempt to download files from a remote website.

 

 

Sophos's anti-virus products include proactive protection technology, which can defend against new threats without requiring an update. Sophos customers have been protected against W32/Bagle-AU (detected as W32/Bagle-Gen) since version 3.86.

 

 

 
This web is optimized for 800 x 600 monitor resolution or above and the latest web browser.  Get the latest IE or Netscape web browser. (you need to connect to the internet first)

 

 

Copyright © 1998 The Computer Guys

 Back Home Up Next