Jump to content


Please note: You can easily log in to MPN using your Facebook account!

FYI: Virus Alert


Recommended Posts

This is the real thing, folks, so pay attention.

 

A virus is circulating throughout the music community, presumably because it worked its way through security holes in Microsoft Outlook or Explorer and is being sent out via people's address books. If you receive a message with a file attachement called Creative.exe (around 36K), do not download or open it! It will move all JPG, ZIP, and MP3 files to your root drive and change their file names.

 

Microsoft posts patches when security problems are discovered. It is well worth going to the windows update site and checking periodically for these types of fixes.

 

Now that you've been warned, go back to music-making.

Link to comment
Share on other sites



  • Replies 6
  • Created
  • Last Reply

Craig,

 

> If you receive a message with a file attachement called Creative.exe (around 36K), do not download or open it!<

 

I'll add to your good advice: If you ever receive ANY attachment that's not a media file (GIF, JPG, MP3, etc.) do not open it. I am always amazed when my friends and relatives open everything they receive, even though I've told them over and over not to do that! Just because a file comes from someone you know is no assurance it's not a virus!

 

--Ethan

 

--Ethan

Link to comment
Share on other sites

Good info Craig - another user posted info about so called MP4 files that were also executables - this person seemed not to realize that they were actual programs that could be or contain viruses. Everyone should check the security settings in their browsers to make sure that you get prompted before programs are run from WEB sites. They should always be saved to disc and virus scanned 1st. Even then, it is a crap shoot with unknown applications - they may not contain viruses, but could easily contain code instructions to delete files, access/modify/ the registy, scan address books, etc. I usually don't run anything from an unproven source.

 

Virus protection is really 3 things:

 

1) Being informed and careful - never rely on the OS or virus programs as your only safety net - viruses are just too much of a moving target.

2) Do use every security feature your applications and OS provide.

3) do use virus protection and scanning software.

 

Also, be careful of malicious programs that are not necessarily viruses - e.g., a program that erases files from your disc may appear to be no more of a virus that the delete command in your OS file manager.

 

 

 

This message has been edited by stevepow on 03-03-2001 at 01:58 PM

Steve Powell - Bull Moon Digital

www.bullmoondigital.com

Link to comment
Share on other sites

Luckily, I'm immune to this virus (as I am to most)

 

The above advice is good, however I'm still sure that millions of people all over the world have No clue, and open every single mail/attachment they recieve.

 

PS... Anyone know where I can find a nasty virus, so I can send it off to some of the junk/spam mailers (If you had their true origin address) ? (Only kidding http://www.musicplayer.com/ubb/smile.gif, though I do know where to find some nasty stuff.)

 

Those people(spammers) definitely deserve a virus or two, IMHO.

 

Alon

.
Link to comment
Share on other sites

And here's a lovely tidbit about HTML email in Outlook and Netscape. Seems nothing is sacred anymore. If you're using Outlook, turn off JavaScript (which I believe is on by default)! Save JS for the Web.

 

Of course, we could all just start using Pine and be done with it.

 

* * * * *

 

Hello,

 

The Privacy Foundation has issued a privacy advisory today describing a serious problem with the Outlook, Outlook Express, and Netscape 6 email readers. By adding a small bit of JavaScript code to an HTML email message, the sender of a message can listen in on comments added to the message whenever the message is forwarded to anyone else by the original receiver of the message.

 

We have nicknamed the problem "email wiretapping". The exploit is not based on any security hole, but uses standard, documented features of JavaScript to read the contents of a email message. A Web bug or hidden form can be used to transmit the contents of the message back to the sender. The JavaScript code is copied each time the message is forwarded or replied to by vulnerable email readers.

 

Some of the possible uses of the exploit include:

 

- In a negotiation conducted by email, one side can learn the bargaining position of the other side

- To extract off-the-record remarks from governmental or company officials

- To harvest email addresses as a chain letter is being circulated.

 

The complete advisory can be found at:

 

http://www.privacyfoundation.org/advisories/advemailwiretap.html

 

The problem was originally found by Carl Voth and his write-up can be found at:

 

http://www.geocities.com/ResearchTriangle/Facility/8332/reaper-exploit-release.html

Link to comment
Share on other sites

You know it's funny, the last time I changed internet providers

and thus got a new email address, I refused to give it to my

sisters, inlaws neices and nephews...etc.. cause they all get

on ICQ and chat rooms and have this large circle of friends they

send and receive silly sh*t from and when they communicated with me

they were always attaching the stuff and all these addresses of people

I don't know.

 

I explained to them how I have a lifetime of work on my computer

and didn't need them sending me stuff that might destroy that work

and they just never seem to catch on.

 

They bug me for my email address but I tell them is there's something

I need to know call. Got pictures of the kids, mail them or stop by.

 

 

 

------------------

William F. Turner

Guitarist, Composer

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...