News Archives from 2001 (July 01 - July 31, 2001)
______________________________________________________________
[Jump to Amiga] [Jump to Windows] [Jump to Mac]
[Jump to Linux] [Jump to Misc]
______________________________________________________________
Amiga
26 July 2001 - Updated VirusSlayerII Extras to v1.3
The VirusSlayerII Extras file, has a PGP keyfile namechange, from
key_clm-pgp.asc to key_clm-pgp.txt. Having an ending with .asc caused
problems with my PGP checking in Diskmaster-II. The archive, called
vsII-extras13.lha can be found by following the above link.
* VirusSlayer II Homepage on VHT-Canada
23 July 2001 - Updated VirusSlayerII Extras v1.2
The VirusSlayerII Extras file, now has the script bit set on the VSII
icon. The archive, called vsII-extras12.lha can be found by following the
above link.
* VirusSlayer II Homepage on VHT-Canada
21 July 2001 - Added The ReqTools Library by AROS Team
The Reqtools.library is needed by a few anti-virus programs, and is
available at VHT-Canada. Now the updated version done by the AROS Team
is also available. This archive contains only the library! For all the
other stuff like prefs program, catalogs you still have to download
ReqToolsUsr.lha, unless you have it already!
19 July 2001 - VirusSlayer II and VirusSlayer II Extras Updated
Updated to the latest version of the viruskiller Virus Slayer II by
Martin Zemblowski. The previous version of VSII, had the bug-repaired
files saved with bad hunk structure. The Virus Slayer II Extras, has
also been updated.
* Virus Slayer II Homepage on VHT-Canada
17 July 2001 - Safe v16.2 Released
Zbigniew `Zeeball` Trzcionkowski released his latest freeware virus
dicovering system. Safe informs about attack and removes virus from
memory if possible. The archive is named Safe162.lha, and can be found
on the downloads page, by following the above link.
17 July 2001 - CheckX v1.85 Available
Dirk Stöcker released his latest version of CheckX which can scan large
files which fit not in memory (but can be handled by XAD). The archive
is named checkx185.lha, and can be found on the downloads page, by
following the above link.
13 July 2001 - News Items for Today
Safe v16.1 Released
Zbigniew Trzcionkowski (zeeball) has new things in v16.1
* Kicked out BOBEK2 memory removals.
Please install xvs.library.
* New polish 6k virus called Penetrator will be recognized soon (or
already is) by xvs.library. Jan Erik have all required information
to do cure for it in files and in memory. You can use my XFD slave
if You agree to delete or hide somewhere every infected file.
NOTE! This lame PENETRATOR virus uses engine of very advanced 'packet'
virus called SMEG. You can't see patched vectors nor infect actions in
SnoopDos! Be warned!
12 July 2001 - News Items for Today
VHT-DK: New update of the boot-able disks (VHT-DK)
Jan of Virus Help Denmark says "We have updated the boot-able antivirus
disks, with the 33.26 version of xvs.library. And we have also made a
new disk with VirusExecutor by Jan Erik Olausen." Download them Here
06 July 2001 - Downloads Addition: VirusSlayerII Extras
Since VirusSlayerII is normally controlled via ARexx and thus enables
the user to interact with it from programs like e.g. DirectoryOpus,
there are no icons with this software. Therefore, I've made available
the script and icons so VSII can be used from the Workbench.
* VirusSlayer II Homepage on VHT-Canada
06 July 2001 - Replaced Archive For VT English Docs
Updated Thorsten Behrens's English documentaion to the anti-virus
program VT-Schutz (Virus Test). We still had the earlier version from
the 5th, on our page. File is called VTDocsEng_990914.lha
02 July 2001 - VirusWarning.Guide v3.3 Available
A new update of VirusWarning.guide has been released today, by Virus
Help Denmark. The archive is named vht-vg33.lha, and can be found on
the downloads page.
* For older Virus Warnings and Guides see the Archives Section
01 July 2001 - Voodoo-X 1.5 Released
Voodoo-X by Andrew Bell, has been updated. This program is the Official
GUI for Dirk Stoecker's XAD unarchiving system. If you have Jan Erik
Olausen's xvs.library installed, you are then able to virus check your
packed archives from within Voodoo-X. There are a number of non-included
files, either required or optional, that are needed to operate Voodoo-X,
so I suggest you visit Andrew's VX page, here at Virus Help Team Canada.
Andrew is taking a break from programming over the duration of summer.
Voodoo-X Homepage at VHT-Canada - Convenient links to all required files
01 July 2001 - XAD Clients Guide v1.3 for XAD and Voodoo-X
Stuart Kyzer Caie's xadclients.guide is available on the downloads page.
In Kyzer's release note on the XAD form, he states, "To enhance your
informed state of XAD clients, and to enhance your Voodoo-X experience,
I release this pre-XAD-v10 test edition of xadclients.guide - please
send feedback." To install, just place the .guide in your Voodoo-X
directory.
01 July 2001 - VHT-DK Warning: Bobek2 Infected Archive Found
Virus Help Denmark reports another archive that is infected with the
'Bobek2' linkvirus has been found. It was on Aminet for a short time,
but is has been removed now. But there just might be a few more archives
our there, so take care.. Use VirusExecutor, VirusZ & VirusChecker, with
(and this is very important) the xvs.library v33.26 to remove the virused
from Devoprefs file.
* Subscribe online to the VHT-DK Virus Warnings Announcement list.
Top of Page
Windows
31 July 2001 - NAI/PGP OnLine Scan for Code Red Worm
PGP Security & McAfee are offering their CyberCop Worm-Scan for online
vulnerability assessment for the Code Red Worm. You will need javascript
enabled in your browser, plus you will need to provide some personal info
such as name, email address and a password. The passowrd is required in
order to provide secure access to your CyberCop report that will be
mailed to your email address.
* Click here for NAI Press release of online scan service
31 July 2001 - Code Red Worm Still Present Threat to the Internet
Microsoft Corporate Summary: The Code Red Worm and mutations of the worm
pose a continued and serious threat to Internet users. Immediate action
is required to combat this threat. Users who have deployed software that
is vulnerable to the worm (Microsoft IIS Versions 4.0 and 5.0) must
install, if they have not done so already, a vital security patch.
Who Must Act?
Every organization or person who has Windows NT or Windows 2000 systems
AND the IIS web server software may be vulnerable. IIS is installed
automatically for many applications. If you are using Windows 95,
Windows 98, or Windows Me, there is no action that you need to take in
response to this alert.
What To Do If You Are Vunerable?
a. To rid your machine of the current worm, reboot your computer.
b. To protect your system from re-infection: Install the patch as
specified in the instructions.
The security bulletin that describes the patch and the vulnerability
it addresses is posted at:
http://www.microsoft.com/technet/security/bulletin/MS01-033.asp
Because of the importance of this threat, this alert is being made
jointly by: Microsoft, The National Infrastructure Protection Center
(NIPC), Federal Computer Incident Response Center (FedCIRC), Information
Technology Association of America (ITAA), CERT Coordination Center, SANS
Institute, Internet Security Systems and Internet Security Alliance.
Virus Help Team Canada Suggests the Following Links for fast info
* Patch: Windows NT 4.0 computers running Index Server 2.0
* Patch: Windows 2000 computers running Internet Information Service 5.0
* MS TechNet Security Tools including security and config checklists
31 July 2001 - Frisk Software International Code Red Summary
Code Red is the first worm that doesn't reproduce itself by copying
itself into files or by infecting files but runs in memory only and
reproduces by streaming communications between systems. Antivirus
software will not be of use to prevent infections or damage done by
the worm. Users of the IIS web server are required to get an update of
the server from Microsoft's website:
http://www.microsoft.com/windows2000/downloads/critical/q300972/default.asp
26 July 2001 - F-Secure Warns of Sircam Worm
F-Secure Corporation is alerting computer users worldwide about a new,
rapidly spreading e-mail worm called Sircam. Sircam is a mass mailing
e-mail worm with the ability to spread through Windows Network shares.
F-Secure anti-virus detects and disinfects the worm. This is the first
e-mail worm that is not Windows Outlook-specific. Instead, this worm
makes use of any e-mail system. This makes it much more liable to spread.
* Click here for Symantec Report on W32.Sircam.Worm@mm
* Click here to obtain Symantec's W32.Sircam.Worm@mm removal tool
21 July 2001 - Advisory 01-015: "Ida Code Red Worm"
National Infrastructure Protection Center (NIPC) Advisory says Internet
backbone providers have notified the NIPC they are witnessing large-scale
victimized web servers scanning for Microsoft Internet Information Server
(IIS) vulnerabilities.
21 July 2001 - Latest Macro.def for F-PROT Released
Frisk Software International has a new Macro.def for F-PROT. This version
of Macro.def was last modified/changed on: July 19, 2001
* See ftp://ftp.complex.is/pub/ for:
macrdef2.zip 201Kb
21 July 2001 - Updated .def Files Available for F-PROT
Frisk Software International announced new Sign.def and Sign2.def files
are availble. Also there is the Sign2.zip file which contains only the
file sign2.def without the sign.def file and, as a result, it is quite a
bit smaller than both def files together. Note that this sign2.def file
includes advanced generic detection capabilities which should hopefully
enable F-Prot to find most future variants of the VBS/LoveLetter worm.
The updates are available now at ftp://ftp.complex.is/pub/
* July 16 2001 releases
fp-def.zip 763Kb plus fp-def.asc
sign2.zip 128Kb
21 July 2001 - F-PROT v3.10 and F-PROT for Windows Available
Frisk Software International has a new v3.10 of F-PROT and F-PROT for
Windows. Read more about FP-WIN Anti-virus Program here.
See Download for details on how to get your own copy of F-PROT.
The update has been available since July 20th, 2001 at
ftp://ftp.complex.is/pub/
* July 20 2001 releases
a) FP-Win v3.10
fp-310.zip 1323Kb plus fp-310.asc
b) FP-Win v3.10 Trial
fp-win_310_trial.zip 5465Kb
17 July 2001 - Updated .def Files Available for F-PROT
Frisk Software International announced new Sign.def and Sign2.def files
are availble. Also there is the Sign2.zip file which contains only the
file sign2.def without the sign.def file and, as a result, it is quite a
bit smaller than both def files together. Note that this sign2.def file
includes advanced generic detection capabilities which should hopefully
enable F-Prot to find most future variants of the VBS/LoveLetter worm.
The updates are available now at ftp://ftp.complex.is/pub/
* July 16 2001 releases
fp-def.zip 760Kb plus fp-def.asc
sign2.zip 128Kb
17 July 2001 - Macro.def for F-PROT Released
Frisk Software International has a new Macro.def for F-PROT. This version
of Macro.def was last modified/changed on: July 15, 2001
* See ftp://ftp.complex.is/pub/ for:
macrdef2.zip 201Kb
13 July 2001 - News Items for Today
MS01-038 : Outlook View Control Exposes Unsafe Functionality (MS)
12 July 2001 - News Items for Today
DAT / SDAT 4147 McAfee Total Virus Defense Update
DAT File for weekly v4x 4146, and SuperDat File for v4x 4140/4147
are now available on Network Associates website.
Dr Solomon's VirusScan customers download here.
For more information on the use of the dat files, please see the
NAI's readme.txt. or download VirusScan v4.5 Admin Guide.
* Click here for VirusScan Emergency DATS
How to stop Windows ME from hanging during startup (MSNBC)
Unrecognizable CDs on Dells (MSNBC)
11 July 2001 - News Items for Today
Bogus Patch "leaves" Backdoor Open (Kaspersky Lab)
An Internet Worm "Leave" Spreads in the Form of Security Patch to
Windows Kaspersky Lab, an international data-security software
development company, warns users of the discovery of a new version
of the Internet worm...
(more on Leave) (F-Secure)
(more on W32.Leave.B.Worm) (Symantec)
QuickBooks 2001 causing system to hang? (MSNBC)
10 July 2001 - News Items for Today
New security risk from Trojan horses (ZDNet)
An emerging class of malicious code seeks out existing backdoors,
doubling the risk of attack
When Windows freezes Presario laptops (MSNBC bug report)
08 July 2001 - MSNBC Bug of the Day Front Page
Latest bug reports
* Presario upgrade clears up AMD incompatibilities
Compaq has issued a system ROM upgrade for the Presario 121xxx computers.
Read the bug report for details.
* Suspend Compaq Armada M300 problems
If a Compaq Armada M300 is put into Suspend mode, and it switches between
battery and AC during the suspend, it may have the wrong CPU speed after
it has resumed. Read the bug report for details.
05 July 2001 - DAT / SDAT 4146 McAfee Total Virus Defense Update
DAT File for weekly v4x 4146, and SuperDat File for v4x 4140/4146
are now available on Network Associates website.
Dr Solomon's VirusScan customers download here.
For more information on the use of the dat files, please see the
NAI's readme.txt. or download VirusScan v4.5 Admin Guide.
* Click here for VirusScan Emergency DATS
05 July 2001 - NAI Notice: Users of the Alpha SuperDat Package
Alpha SuperDat Packages will be discontinued as of July 4th 2001 due to
the End Of Life of all Alpha Products as of June 30 2001. This includes
ALPHA XDAT.exe ALPHA SUPERDAT.EXE ( Both engine only and DAT/Engine ).
04 July 2001 - MSNBC Bug of the Day Front Page
A few of the latest reported bugs
* When Eudora Pro 5.0.x crashes
Qualcomm Eudora Pro 5.0.x might crash if a nickname was deleted from an
alphabetized auto-completion drop down list. This has been fixed in
Eudora Pro 5.1.
* Windows may balk with lots of RAM
If a computer is running Windows 95, 98, 98SE or Me with more than 512
megabytes of RAM, opening an MS-DOS session (or command prompt) while
Windows is running may trigger an error. Read the report for more info.
* Search in Outlook 2002 may come up
Content-indexing issues with Microsoft Exchange Server may be responsible
for the absence of results after using the Find or Advanced Find function
in Outlook 2002 to search on a portion of an Internet e-mail address.
Read the report for more info.
Top of Page
Macintosh
08 July 2001 - Apple Recalls Power Adapters
MSNBC TechNews reports that Apple Computer Inc. said on Friday it was
recalling 570,000 notebook computer power adapters that could be fire
hazards. The power blocks were sold with PowerBook G3 notebooks shipped
from May 1998 until March 2000, Apple said.
04 July 2001 - Macintosh OS X Flaws Draw Hackers' Eyes
Zdnet Virus and hacking news says vulnerabilities emerge in Apple's
popular operating system. Apple has never had much trouble grabbing
attention for its Macintosh operating system. This time, however, it
may be attracting the wrong kind.
Top of Page
Linux
21 July 2001 - Latest Linux Weekly News Released
LWN.net Weekly Edition for July 19th, 2001 has been published.
12 July 2001 - News Items for Today
LWN.net weekly edition for July 12, 2001 is available (LWN)
11 July 2001 - News Items for Today
Trustix Secure Linux update for OpenSSL (LWN)
Trustix has released an update for the OpenSSL package provided in
their distribution.
EnGarde Secure Linux advisory for OpenSSL (LWN)
Engard Secure Linux has issued a security update for the OpenSSL
package available in its distribution.
10 July 2001 - News Items for Today
Red Hat advisory for xloadimage (LWN)
Red Hat has issued an advisory for the xloadimage package to address
buffer overflow issues. The problem is mostly limited to remote
exploits if xloadimage is called by Netscape (by 'plugger', for
example).
05 July 2001 - Latest Linux Weekly News Released
LWN.net Weekly Edition for July 4th, 2001 has been published. The LWN
team were on holidays yesterday, so the post only became available today.
Top of Page
Miscellaneous
15 July 2001 - Re-Arranged Virus Help Team Canada Pages
I have taken the links from the top of the About Us, Virus Warnings and
News pages, and made a new page just for links. Visit the new Links Page
12 July 2001 - News Items for Today
L-110: HP Open View Event Correlation Services Vulnerability (CIAC)
L-111: FreeBSD Signal Handling Flaw (CIAC)
Marijuana worm smoked out of action (ZDNet)
The recent PE_MARI.A worm was too flawed to take over many computers,
analysts say
Worms evolving into complex beasts (ZDNet)
Computer systems are becoming more like living organisms, says an
expert - and harder to keep healthy
11 July 2001 - News Items for Today
L-108: Oracle 8i TNS Listener Vulnerability (CIAC)
10 July 2001 - News Items for Today
Cisco patches security flaws (ZDNet)
A major vulnerability affects IOS software, enabling a hacker to
bypass the authentication function
CA-2001-17: Check Point RDP Bypass Vulnerability (CERT)
A vulnerability in Check Point FireWall-1 and VPN-1 may allow an
intruder to pass traffic through the firewall on port 259/UDP.
LOC HOAX (NAI)
If you receive this email, delete the it and DO NOT pass it on.
Presario upgrade clears up AMD (MSNBC bug report)
Request for translation of German documents (VHT-Denmark)
We need your help to get our "Amiga Virus Encyclopedia" on our website
up to 100%. So we are looking for a few persons that can help us with
to translate about 200 German virus documentation into English. If you
will help us, we are waiting for your reply. We have about 200 tests
that we need translations for, so we do need more that one person. We
can't pay you any money for your work, but you will support the a 'Good
Case'....
Contact Jan Andersen (vht-dk@post4.tele.dk).
08 July 2001 - Virus & Hacking News Specials from ZDNet
* Cisco patches security flaws
A major vulnerability affects IOS software, enabling a hacker to bypass
the authentication function
* Oracle software vulnerability exposed
Researchers have found a security hole in the company's popular 8i
database program that could let an outside attacker take over the
software. Oracle has released a patch to fix the flaw
* Hacker exploits Microsoft bug online
Virus experts shift the blame from the hackers to the companies who are
lax about installing patches
* Warnings hit security software but optimism remains
Assumptions that spending on security is an essential investment could
be undermined, as the security software market comes in for a rough ride
04 July 2001 - Symantec Reports: MusicPanel (MP3) Virus HOAX
Symantec Security's newest information on Virus Hoaxes, reports the
following message is a hoax. This "virus" does not exist.
Sample of hoax message:
Music fans around the planet will receive a shocking surprise
on their computers on American Independence Day,July 4, but only
if they have downloaded unauthorised songs from Napster, Gnutella
or other file swapping applications on the Internet.
Please ignore any messages regarding this hoax and do not pass on
messages. Passing on messages about the hoax only serves to further
propagate it.
Top of Page
Back to the News Archives page