Virus Warnings from June 2000
   ______________________________________________________________

   [Jump to Amiga] [Jump to Windows] [Jump to Mac] [Jump to Misc]
   ______________________________________________________________


   Amiga


   Date: June 21, 2000
   Platform: Amiga
   Warning About: Motaba linkvirus
   Report From: Virus Help Denmark
   * Release Note: A new linkvirus has been found, it is
     named "Motaba" at this time none of the big antivirus
     programs can find and remove this virus, But a new
     update if "Safe" has been released today (v13.5), and
     it can detect this new linkvirus.
   * Webmasters Note: Once the new update of "Safe" is
     available, it will be announced on the news page, and
     available for download on the downloads page. At the
     time of the vht-dk notice, the new v13.5 update to Safe
     was not available. Sorry.

   Date: June 5, 2000
   Platform: Amiga
   Warning About: TCP Trojan's on the wild
   Report From:   Virus Help Denmark
   * Release Note: Today vht-dk recived information from Zbigniew
     `Zeeball` Trzcionkowski the programmer of "SAFE", that there
     is some new TCP trojan on the loose. Please read the full text
     that Zbigniew wrote, found in the vht-dk89 Read Me file.
     So to be sure please check your system for:
     LIBS:rexxfunc.library size: 1136
     LIBS:rexxfifo.library size: 1136
     L:wb.handler  size: 4716
     C:mount                (is bigger)
     ...and wait for new xvs.library from Alex van Niel.
   * Click here for VHT-DK Virus Warning vht-dk89

   Top of Page


   Windows

   Date: June 29, 2000
   Platform: PC DOS, and Windows 95/98
   Warning About: Trojan.BAT Simpsons
   Report From: F-Secure
   * Release Note: This is simple BAT trojan that deletes all
     files on C:, A:, B: and D: drives. The Simpsons vandal
     is a Trojan, usually arriving by e-mail. Only DOS, and
     Windows 95/98 can be damaged because this vandal uses the
     DOS DELTREE.EXE command, not found in Windows NT/2000.
   * Click for F-Secure Report about Simpsons Trojan
   * Click for AISS Report about Simpsons Trojan
   * Click for NAI Report about Simpsons Trojan

   Date: June 29, 2000
   Platform: Microsoft Windows NT 4.0, Windows 2000
   Warning About: HP Web JetAdmin Vulnerability
   Report From: CIAC Information Bulletin K-055
   * Release Note: A security vulnerability has been
     identified by Hewlett-Packard in which certain
     malformed URLS can stop Web JetAdmin 6.0 service.
     Install Web JetAdmin 6.0 (6.0.1233)
   * Click for CIAC Report about Security Vulnerability

   Date: June 28, 2000
   Platform: PC
   Warning About: Software bugs in Microsoft IE, Outlook
   Report From: CNET News.com
   * Release Note: Microsoft is investigating a trio of software
     bugs that analysts say could open the door to "Love"
     bug-grade security scenarios.  The security holes affect
     combinations of Microsoft products.
   * Click for CNET News report about MS Software bugs

   Date: June 20, 2000
   Platform: PC
   Warning About: Life_Stages Worm
   Report From: F-Secure
   * Release Note: VBS/Stages is a Visual Basic Script
     worm. It is a mass mailer which spreads over e-mail
     in an attachment with SHS extension.
   * It is important to note that, by default, Windows
     operating systems are configured to hide the ".SHS"
     file extension from the user.
   * Click for full report at F-Secure about Life_Stages Worm

   Date: June 20, 2000
   Platform: PC users of Windows 95/98
   Warning About: VBS.Shortcut Vandal
   Report From: Aladdin Internet Security Solutions (AISS)
   * Release Note: This is a VBScript vandal arriving as an
     e-mail attachment like some other recent vandals. It
     spreads using MS Outlook.
   * Click for full report at AISS about Shortcut Vandal

   Date: June 19, 2000
   Platform: PC
   Warning About: life_stages.txt.shs Infections
   Report From: CERT/CC
   * Release Note: On June 16th, CERT/CC began to receive
     reports of computers running versions of Microsoft
     Windows being infected by a malicious program named
     "life_stages.txt.shs". This is a Shell Scrap Object
     file, typically a file type used with OLE objects,
     that contains a malicious VBScript program.  It is
     important to note that, by default, Windows operating
     systems are configured to hide the ".SHS" file extension
     from the user.
   * Click for full report at CERT about SHS Infections

   Date: June 19, 2000
   Platform: PC
   Warning About: HHCtrl ActiveX Control
   Report From: CERT/CC
   * Release Note: HHCtrl ActiveX Control Allows Local
     Files to be Executed. This HHCtrl ActiveX control
     has a serious vulnerability that allows remote
     intruders to execute arbitrary code, if the intruder
     can cause a compiled help file (CHM) to be stored
     "locally."
   * Click for full report at CERT about HHCtrl ActiveX Control

   Top of Page

   Date: June 15, 2000
   Platform: PC
   Warning About: Fake First Aid 6.03 Upgrade
   Report From:   NAI
   * Release Note: AVERT received a copy of a message which
     could be distributed across the Internet containing a
     hyperlink to download a "compatibility upgrade" for
     First Aid, however the link downloads the remote
     access trojan known as Sub7 (BackDoor-G2).
   * Click for full report at NAI about Fake First Aid Upgrade

   Date: June 15, 2000
   Platform: PC
   Warning About: Patch for "Desktop Separation" Vulnerability
   Report From: Microsoft TechNet Security
   * Release Note: Revision - MS has released a patch that
     eliminates a securit vulnerability in MS Windows2000.
     The vulnerability could allow a malicious user to gain
     additional privileges on a machine that he could log
     onto at the keyboard.
   * Click for full report at MS about Patch

   Date: June 14, 2000
   Platform: PC
   Warning About: Patch for "DTS Password" Vulnerability
   Report From: Microsoft TechNet Security
   * Release Note: Microsoft has released a patch that eliminates
     a security vulnerability in a component that ships with
     Microsoft. SQL Server 7.0. If the component is configured
     improperly, the vulnerability could allow passwords to be
     compromised.
   * Click for full report at MS about Patch

   Date: June 14, 2000
   Platform: PC
   Warning About: Panther
   Report From: F-Secure
   * Release Note: W97M/Panther is a Word 97 macro virus,
     which infects the global template when an infected
     document is opened. Then it disables the built-in
     macro virus protection.
   * Click for full report at F-Secure about Panther

   Date: June 11, 2000
   Platform: PC
   Warning About: Serbian Vandal
   Report From: Aladdin Internet Security Solutions (AISS)
   * Release Note: The Serbian-Badman vandal was announced
     and discussed extensively in the media, but in practice
     it caused no known damages.
   * Click for full report at AISS about Serbian Vandal

   Top of Page

   Date: June 10, 2000
   Reported on: June 7, 2000
   Platform: PC
   Warning About: Melissa  Variant: Melissa.AO
   Report From: F-Secure
   * Release Note: W97M/Melissa.AO uses Outlook to send
     email message.  The payload activates at 10am on 10th
     day of each month when the virus inserts the following
     text to the active document:  Worm! Let's We Enjoy.
   * Click for full report at F-Secure about Melissa

   Date: June 9, 2000
   Platform: Systems with MIT-derived implementations of the
             Kerberos 4 KDC and 5 KDC enabled to handle krb4
             ticket requests
   Warning About: MIT Kerberos Vulnerable to DoS Attacks
   Report From: CERT/CC
   * Release Note: The CERT Coordination center posted that MIT
     reports of several potential buffer overflow vulnerabilities
     in the Kerberos authentication software.
   * Click for full report at CERT about Vunerable AttacksE

   Date: June 9, 2000
   Platform: PC
   Warning About: Downloader  Variant: LoveLetter.AS
   Report From: F-Secure
   * Release Note: Downloader trojan was found on 7 June 2000.
     It has been posted to several newsgroups as
     "QuickFlick.mpg.exe".
   * Click for full report at F-Secure abot Downloader

   Date: June 9, 2000
   Platform: PC
   Warning About: LoveLetter  Variant: LoveLetter.AS
   Report From: F-Secure
   * Release Note: VBS/LoveLetter.AS spreads messages with
    the following certain characteristics. This variant has
    an additional payload. It activates September 17th.
   * Click for full report at F-Secure about LoveLetter

   Date: June 8, 2000
   Platform: PC
   Warning About: VBS/Gorum.a
   Report From:   NAI
   * Release Note: NAI says AVERT is analyzing this file and
     will have a description shortly.
   * Click for full report at NAI about VBS/Gorum.a

   Date: June 8, 2000
   Platform: PC
   Warning About: Remote Registry Access Authentication
   Report From: Microsoft TechNet Security
   * Release Note: Patch Available for "Remote Registry Access
     Authentication " Vulnerability.
   * Click for full report at MS about Patch

   Top of Page

   Date: June 6, 2000
   Platform: PC
   Warning About: QDel104
   Report From: NAI
   * Release Note: This Visual Basic program was posted to
     a newsgroup as an update to Dr. Web Antivirus. However
     it is a file deletion trojan.
   * Click for full report at NAI about QDel104

   Date: June 6, 2000
   Platform: Systems running Microsoft Internet Explorer
   Warning About: Inconsistent Warning Messages in Internet Explorer
   Report From: CERT/CC
   * Release Note: Several flaws exist in Microsoft Internet
     Explorer that could allow an attacker to masquerade as a
     legitimate web site if the attacker can compromise the
     validity of certain DNS information.
   * Click for full report at CERT about Warning Messages in MSIE

   Date: June 5, 2000
   Platform: PC
   Warning About: SSL Certificate Validation
   Report From: Microsoft TechNet Security
   * Release Note: Patch Available for "SSL Certificate
     Validation" Vulnerabilities
   * Click for full report at MS about Patch

   Date: June 2, 2000
   Platform: PC
   Warning About: HTML Help File Code Execution?
   Report From: Microsoft TechNet Security
   * Release Note: Patch Available for "HTML Help File Code
     Execution? " Vulnerability
   * Click for full report at MS about Patch

   Date: June 2000
   Platform: PC
   Warning About: Eudora Light for Windows
   Report From: TCFN News, May-June 2000
   * Release Note: There could be a potential security
     problem with Eudora Light for Windows. While it won't open
     attachments automatically, it may disguise a link to an
     attachment within the text of a message, so that you could
     run a program on your computer without knowing it!
   * Click for info and fix at CNet News for Eudora Light

   Top of Page


   Macintosh

   No virus warnings from June 2000

   Top of Page


   Miscellaneous

   Date: June 12, 2000
   Platform: PC
   Warning About: Potential 'attack' software planted
   Report From: ZDNet
   * Release Note: Network Security has found software implanted
     in thousands of computers that could be activated for a
     denial of service attack.
   * Click for full report at zdNet about 'attack' software

   Date: June 6, 2000
   Platform: PC
   Warning About: Timofon
   Report From: F-Secure
   * Release Note: This is a simple VBS e-mail chain letter,
     much like the LoveLetter worm.  What makes this virus
     special is that it sends SMS short messages to GSM phones.
     Messages are sent to random numbers via a SMS gateway at
     Movistar.net.
   * Click for full report at F-Secure about Timofon

   Date: June 5, 2000
   Warning Released: May 30, 2000
   Platform: UNIX
   Warning About: Flaw in PGP 5.0 Key Generation
   Report From: CERT/CC
   * Release Note: UNIX systems having a /dev/random device
     running any version of PGP 5.0, including U.S. Commercial,
     U.S. Freeware, and International versions. Under certain
     circumstances, PGP v5.0 generates keys that are not
     sufficiently random, which may allow an attacker to predict
     keys and, hence, recover information encrypted with that
     key.
   * Click for full report at CERT about Flaw in PGP 5.0 Key Generation

   Date: June 2, 2000
   Platform: UNIX, Windows NT, Windows 95/98:
   Warning About: Permissions Problems with FrontPage Extensions
   Report From: CIAC Information Bulletin K-048
   * Release Note: Permission settings on FrontPage Extensions
     may allow defacements of web pages. A remote user may
     deface web pages of any given site when the permissions
     are not set properly. 
   * Click for full report at CIAC about MS FrontPage Extensions


   Back to the Virus Archives page

[Home] - [About Us] - [News] - [Downloads] - [Warnings] - [Links]
[Archives] - [Non-Java Web Chat] - [PGP] - [Search Page] - [Feedback]

Virus Help Team Canada Site (c)2000-2012 by Charlene
VHT-CAN and our webhoster disclaimes any responsibility for software
obtained through this site. Contact VHT-Canada