Virus Warnings from July 2000
   ______________________________________________________________

   [Jump to Amiga] [Jump to Windows] [Jump to Mac] [Jump to Misc]
   ______________________________________________________________


   Amiga


   No virus warnings from July 2000

   Top of Page


   Windows

   Date: July 30, 2000
   CAI Newsletter Date: July 28, 2000
   Platform: PC
   Warning About: WScript/Kak.B worm (aka Kak.B and Days)
   Report From:   CAI
   * Release Note: Kak.B is a variant of the original
     wide-spread Kak.A worm that appeared in late 1999.
     Kak.A and Kak.B are Outlook spreading e-mail worms
     that exploit a security hole in Internet Explorer 4
     and 5.  The worm arrives in an e-mail without
     attachment and is invoked by just reading the e-mail.
     The worm installs its code as Outlook signature and
     will attach itself mostly unnoticed to any outgoing
     e-mail. It is frequently found in infected messages
     on the Usenet newsgroups.
   * Click for CAI Virus Information Center
   * Click for CAI Managing Virus Incidents

   Date: July 26, 2000
   NAI Posting Date: July 24, 2000
   Platform: PC
   Warning About: W97M/Timeless Macro Virus
   Report From:   NAI
   * Release Note: This virus is a class module macro virus
     that infects Word97/2000 documents and templates, and
     contains a date activated payload.
   * Click for NAI Report on W97M/Timeless

   Date: July 26, 2000
   NAI Posting Date: July 21, 2000
   Platform: MS Windows
   Warning About: W32/Dilbert Internet Worm
   Report From:   NAI
   * Release Note: This is a dangerous Internet worm which
     also carries four date activated payloads of dropping
     copies of other viruses. This worm may arrive via email
     as an attachment named "dilbertdance.jpg.exe".
   * Click for NAI Report on W32/Dilbert Internet Worm

   Date: July 26, 2000
   CIAC Posting Date: July 21, 2000
   Platform: Microsoft Excel 2000, Microsoft PowerPoint 97
             and 2000 and Microsoft Internet Explorer 5.5,
             5.01 SP1, 5.01, 4.01 SP2
   Warning About: Microsoft "Office HTML" & "IE" Script
                  Vulnerabilities
   Report From:   CIAC
   * Release Note: The first set of vulnerabilities allows
     malicious script code on a web page to cause a remotely
     hosted file to be saved on a visiting user's hard drive.
     The second vulnerability allows malicious script code
     on a web page to execute a VBA macro code in a remotely
     hosted file.  Apply the patches and the workaround as
     outlined in the CIAC K-061 Information Bulletin.
   * Click for CIAC Report and Solutions in K-061

   Date: July 26, 2000
   Posting Date: July 19, 2000
   Platform: Users of Outlook Express versions 4.0, 4.01,
             5.0, 5.01 and Users of Outlook versions 97,
             98, 2000M
   Warning About: Outlook Security Bug
   Report From:   CIAC and AISS
   * Release Note: A serious bug has been exposed in Microsoft's
      Outlook and Outlook Express e-mail clients. Microsoft has
      identified a buffer overflow vulnerability that occurs
      when downloading e-mail. The buffer overflow can occur
      even if the user does not open or preview the e-mail
      message.  Upgrade the software as directed in the CIAC
      K-060 Information Bulletin.
   * Click for CIAC Report on MS E-Mail Header Vulnerability
   * Click for AISS Report about Outlook Security Bug

   Date: July 7, 2000
   Platform: Windows System
   Warning About: Nsi: Word 97 macro virus
   Report From:   F-Secure
   * Release Note: Nsi: Word 97 macro virus disables the
     built in macro virus protection and replicates during
     opening and closing.
   * Click for F-Secure Report about Stages VBS worm

   Date: July 7, 2000
   Platform: Windows System
   Warning About: X97M/Divi is an Excel macro virus
   Report From:   F-Secure
   * Release Note: When an infected workbook is opened,
     this macro virus creates an infected workbook to the
     Excel's startup directory, "BASE5874.XLS".
   * Click for F-Secure Report about Excel macro virus

   Date: July 5, 2000
   Platform: Windows System
   Warning About: Jer: VBScript worm
   Report From:   F-Secure
   * Release Note: Once excuted, the worm copies itself to
     the Windows System directory as "jer.htm". It modifies
     the registry, disables several components from the Windows
     desktop, and also replaces the "script.ini" from the mIRC
     directory.
   * Click for F-Secure Report about Jer: VBScript worm

   Date: July 4, 2000
   Platform: All Microsoft systems, except for Windows 2000,
             running MSIE 4.0 to 5.01
   Warning About: MS "Active Setup Download" Vulnerability
   Report From:   CIAC Information Bulletin K-057 (30-jun-2000)
   * Release Note: The Microsoft Active Setup Control has an
     internal flaw which allows the downloading of a trusted
     '.cab' file to any disk location.
     Install the Microsoft patch.
   * Click for CIAC Report about Setup Vulnerability

   Date: July 4, 2000
   Platform: Microsoft Internet Explorer
   Notice About: Patch for Active Setup Download Vulnerability
   Report From:  Microsoft TechNet Security (29-jun-2000)
   * Release Note: Microsoft has released a patch that eliminates
     a security vulnerability in an ActiveX control that ships
     with Microsoft® Internet Explorer. The vulnerability could be
     used to overwrite files on the computer of a user who visited
     a malicious web site operators site.
   * Click for full report at MS about Patch

   Top of Page


   Macintosh

   No virus warnings from July 2000

   Top of Page


   Miscellaneous

   Date: July 25, 2000
   Platform: Windows 95 files in PE format.
   Warning About: CIH virus infection on the Net * UPDATE
   Report From:   Charlene, VirusChecker2 List Moderator
   * Release Note: I have been unable to find any information
     that this is a 'legit' happening, ie. www . download . com
     is infected with the CIH virus.  I think (personally)
     since nothing was found on the security sites about this
     latest outbreak on the web site above, all may be okay
     there, and not a threat at all.  The last CIH warning on
     the AISS site was from 24-April-2000, and there has been
     no update saying that CIH has been causing problems.
   * Click for Network Associates Description of CIH

   Date: July 25, 2000
   Platform: Possibly any system
   Warning About: CIH virus infection on the Net
   Report From:   Alex, Programmer of VirusCheckerII
   * Release Note: I just picked up this note from Alex,
     the programmer of the Amiga VirusCheckerII viri
     checking program:
       : All files from www.download.com are infected
       : by the CIH virus. 
       : don't open just forward
     I'm not quite sure what the "don't open just forward"
     means, but possibly it means, -not- to go to that
     URL, period.
 
   Date: July 12, 2000
   Platform: Systems running Microsoft SQL Server 7.0, or
             Enterprise Manager
   Warning About: MS "DTS Password" Vulnerability
   Report From:   CIAC Information Bulletin K-059
   * Release Note: A malicious user may gain unauthorized
     access to an SQL database to review/add/delete
     information in the data base.
   * Click for CIAC Report about DTS Password Vulnerability

   Date: July 12, 2000
   Platform: Windows System
   Warning About: Stages: Visual Basic Script worm
   Report From:   F-Secure
   * Release Note: VBS/Stages is a mass mailer which
     spreads over e-mail in an attachment with SHS
     extension.
   * Click for F-Secure Report about Stages VBS worm

   Date: July 8, 2000
   Platform: Windows Scripting Host (WSH)
   Warning About: VBS/COD Internet worm
   Report From:   NAI
   * Release Note: This is an Internet worm written in
     VBScript and embedded within a Word document. This
     worm may arrive by MAPI email or on IRC chat from
     infected users. Read the full report for information
     and links on how to protect yourself, and recommended
     updates.
   * Click for NAI Report on VBS/COD Internet worm

   Date: July 5, 2000
   Platform: Windows System and Outlook
   Warning About: Pica: worm written in VBScript
   Report From:   F-Secure
   * Release Note: When executed the worm copies itself to
     the Windows System directory as "Ds9.vbs". Then it
     modifies the registry, and also the worm will send itself
     to every recipient in every addressbook using Outlook.
   * Click for F-Secure Report about Pica worm

   Date: July 4, 2000
   Platform: Windows Scripting Host (WSH)
   Warning About: VBS/Pica.g  Alias: Sillyworm.vbs
   Report From:   NAI
   * Release Note: This is an Internet worm which can send itself
     via MAPI email and to IRC channels via a modified mIRC
     configuration file.  Visit NAI for Removal Instructions.
   * Click for NAI Report on VBS/Pica.g


   Back to the Virus Archives page

[Home] - [About Us] - [News] - [Downloads] - [Warnings] - [Links]
[Archives] - [Non-Java Web Chat] - [PGP] - [Search Page] - [Feedback]

Virus Help Team Canada Site (c)2000-2012 by Charlene
VHT-CAN and our webhoster disclaimes any responsibility for software
obtained through this site. Contact VHT-Canada