More
dispatches from the war-on-Windows front
by Alan Zisman (c) 2005 First
published in
Business
in Vancouver February
22-28, 2005 High Tech Office column
The virtual war against Internet users continues. Here’s a
week’s worth
of dispatches from the frontlines.
• Many ISPs and business
networks routinely filter
email attachments, checking for file-types that may be viruses, in
particular Windows .exe and .scr files and compressed .zip files. Now,
many are reported finding virus-laden attachments hiding in a different
compressed format: .rar files, many coming with messages promising
pornographic content, others claiming to be a patch from
Microsoft. (Note
that Microsoft
never sends out patches via email). Anti-virus vendors are scrambling
to update their filters.
• Virus and worm-bearing
messages don’t just target
porn-viewers or pretend to come from Microsoft. A new worm, dubbed
Wumark-F may come to your inbox along with a photo of an old man making
faces, while another worm that appeared in early-February sang
“You are
an idiot” as it infected its victims. Yet another
infection-bearing
email promised viewers photos of Saddam Hussein killed while trying to
escape from custody.
• Infections aren’t
only spread by email these days.
Users of the popular MSN Messenger instant messaging software may find
themselves receiving a pair of infections along with a picture of a
roast chicken with tan-lines. The Bropia.F and Agabot.agc worms try to
spread to all online ‘buddies’ of an infected user.
While this isn’t
the first infection spread by instant messaging software, this is the
first to spread so rapidly or to pack such a punch. Since they are sent
out automatically, instant messaging users should check with the
purported sender before agreeing to receive any files.
• Spam email senders are
increasingly getting around
antispam filters that rely on blacklists of known spammers by using
hordes of worm-infected PCs as ‘zombie’ spam
servers. Antispam company
Postini
reported that in January,
88% of all email traffic is spam, an amount that threatens to overload
servers.
Steve Linford,
of
spam blacklister
SpamHaus,
told
ZDNet UK,
"The e-mail
infrastructure is beginning to fail. You'll see huge delays in e-mail
and servers collapsing. It's the beginning of the e-mail meltdown."
• Microsoft has been releasing
patches for Windows
and Internet Explorer vulnerabilities on the second Tuesday of every
month. The February 8th release included fixes for 13 different
problems. These include ‘critical updates’ for
Windows, MSN Messenger,
Windows Media Player, and Office.
• In January, Microsoft also
released a public beta
of Microsoft AntiSpyware. Windows 2000 and XP users may want to check
this out; it does a good job of scanning for many spyware infections,
and automatically downloads updates on a regular basis. The beta, which
runs until July is free; Microsoft hasn’t announced whether
the
official release will also be free. The busy company also released its
first ‘Malware Remover’ (aka ‘Malicious
Software Removal Tool’), which
checks Windows 2000 and XP systems for a short list of specific worms
and viruses (including Blaster, Sasser, and MyDoom), removing the
infection if found. (
http://www.microsoft.com/security/malwareremove/default.mspx).
I wouldn’t suggest relying on this in place of up-to-date
antivirus
software, but it’s another tool that can be used in a pinch.
• The webpage for
Microsoft’s AntiSpyware tool checks
whether your copy of Windows is legitimate; at this time, the check is
optional, but it’s raising suspicions that Microsoft may, in
the
future, limit updates to customers with verifiably purchased copies of
their products. If this leaves users of pirated Windows copies
vulnerable to attack, this could make the Internet a more dangerous
place even for Microsoft’s paid-in-full customers.
• In a mid-January survey
conducted by
Osterman
Research 44% of US
consumers reported that spam, spyware, and related problems had reduced
their use of email or the Internet. If your company’s
strategy relies
on continued growth of online use, this should be worrying.
Everything in this column is Windows-related. Even spam email, which
will come your way no matter what computer software you’re
running is
now increasingly being distributed by infected computer zombies running
Windows. There are ways to get out of the front-lines of this virtual
war.
More in the next few
weeks.