Virus Warnings from August 2000
______________________________________________________________

Amiga

Date: August 29, 2000
Platform: Amiga
Warning About: 8x8 - Motaba-3, link virus found * UPDATED
Report From: Virus Help Denmark
* Release Note: Today we received information from about an infected archive that was on Aminet and has been released on Aminet CD-38. This archive is infected with the link virus named '8x8 virus' by xvs.library v33.23 and 'Motaba-3 virus' by VT-Schutz v3.17.
* Webmaster Note: Please read the readme file accompanying this *updated* warning.
* Click here for VHT-DK Virus Warning vht-dk91

Date: August 29, 2000
Platform: Amiga
Warning About: 8x8 - Motaba link virus found
Report From: Virus Help Denmark
* Release Note: Today we received information from about an infected archive that was on Aminet and has been released on Aminet CD-38. This archive is infected with the link virus named '8x8 virus' by xvs.library v33.23 and 'Motaba-3 virus' by VT-Schutz v3.17.
* Click here for VHT-DK Virus Warning vht-dk90

Windows

Date: August 30, 2000 (Announced Aug 28, 2000)
Platform: Microsoft Windows 2000
Patch Available: Local Security Policy Corruption Vulnerability
Report From: Microsoft TechNet Security
* Release Note: Microsoft has released a patch that eliminates a security vulnerability in MS Windows 2000. The vulnerability could allow a malicious user to disrupt normal operation of an affected machine, and potentially of an entire network. Customers who have applied Windows 2000 Service Pack 1 are already protected against the vulnerability and do not need to take any further action.
* Click here for MS Security Bulletin MS00-062

Date: August 30, 2000 (Reported Aug 28, 2000)
Platform: MS Windows 9x
Warning About: W32/NewsTick Win9x Internet Backdoor Trojan
Report From: NAI
* Release Note: This is a Windows 9x Internet backdoor trojan. When running, it gives full access to the system over the Internet to anyone running the appropriate client software. The application hides itself from the Win9x task manager. Visit the NAI link for removal instructions.
* Click here for NAI Report on W32/NewsTick

Date: August 27, 2000 (Announced Aug 25, 2000)
Platform: Microsoft Money 2000 and 2001
Patch Available: Money Password Vulnerability
Report From: Microsoft TechNet Security
* Release Note: Microsoft has released a patch that eliminates a security vulnerability in Microsoft Money. The vulnerability could allow a malicious user to obtain the password of a Money data file.
* Click here for MS Security Bulletin MS00-061

Date: August 27, 2000 (Announced Aug 25, 2000)
Platform: Microsoft Internet Information Server 4.0 and 5.0
Patch Available: IIS Cross-Site Scripting Vulnerabilities
Report From: Microsoft TechNet Security
* Release Note: Microsoft has released a patch that eliminates security vulnerabilities in Microsoft Internet Information Server. The vulnerabilities could allow a malicious web site operator to misuse another web site as a means of attacking
* Click here for MS Security Bulletin MS00-060

Date: August 25, 2000
Platform: PC
Warning About: VBS/Elva Internet Worm
Report From: NAI
* Release Note: This is an Internet worm written in VB Script with an .HTA extension. This virus may arrive via MAPI email as the file name "card.hta". This virus requires Windows Scripting Host and the interpreter file MSHTA.EXE in order to execute.
* Click here for NAI Report on VBS/Elva Worm

Date: August 25, 2000
Platform: Windows 9x/NT systems
Warning About: W32/MTX@mm Internet Worm
Report From: NAI
* Release Note: This is a 32bit PE file infector.
This virus modifies WSOCK32.DLL in an effort to hook SMTP traffic as an attachment. This virus searches for available shares through Network Neighborhood in an effort to transfer to host systems. McAfee AVERT is still analyzing this virus. Visit NAI for removal instructions and the AVERT recommended updates.
* Click here for NAI Report on W32/MTX@mm Worm

Date: August 23, 2000 (Reported on Aug 18, 2000)
Platform: MS Internet Explorer and Access 97 or 2000
Warning About: Hole in MS Access, allows access
Report From: MSNBC Bug of The Day (BugNet)
* Release Note: Bruce Kratofil of BugNet says in part: "Aug. 18 It's been two steps forward, one step back for Microsoft, as they have worked to patch a security problem that has been dubbed "probably the most dangerous programming error in Windows" that Microsoft has made. Unfortunately for users, the patch does not appear to be complete."
* Click here for Complete Article Hole in Access allows access

Date: August 23, 2000 (Announced Aug 21, 2000)
Platform: Microsoft virtual machine (Microsoft VM)
Patch Available: Java VM Applet Vulnerability
Report From: Microsoft TechNet Security
* Release Note: Microsoft has released a patch that eliminates a security vulnerability in the Microsoft virtual machine (Microsoft VM). If a malicious web site operator were able to coax a user into visiting his site, the vulnerability could allow him to masquerade as the user, visit other sites using his identity, and relay the information back to his site.
* Click here for MS Security Bulletin MS00-059

Date: August 23, 2000
Platform: Win32 systems
Warning About: Qaz Network Worm
Report From: F-Secure
* Release Note: This is a network worm spreading under Win32 systems with backdoor abilities. The worm was reported in-the-wild in July-August 2000. The worm itself is a Win32 executable file about 120K in length, written in MS Visual C++.
* Click for F-Secure Report on Qaz Network Worm

Date: August 23, 2000 * Updated from 18-Aug-2000
Platform: PC
Warning About: W97M/Doeii.A Word Macro Virus
Report From: F-Secure
* Release Note: Doeii is a Word macro virus that encrypts the infected documents. W97M/Doeii.A infects on opening an existing document or creating a new one.
* Click for F-Secure Report on Doeii Word Macro Virus

Updated
Date: August 19, 2000 * Updated
Platform: Windows System
Warning About: VBS/Loveletter VBScript Internet worm
Report From: F-Secure
* Release Note: VBS/LoveLetter is a VBScript worm. It spreads through e-mail as a chain letter. F-Secure says you can protect yourself against VBScript worms by uninstalling the Windows Script Host.
* Click for F-Secure Update on LoveLetter worm
* Click for F-Secure Info on Uninstalling Windows Script Host

Date: August 18, 2000
Platform: All platforms running IIS versions 1.0, 2.0, 3.0, and 4.0
Warning About: Automated Web Interface Scans IIS for Multiple Vulnerabilities
Report From: CIAC
* Release Note: Several vulnerabilities may be exploited in Microsoft's Internet Information Server (IIS). An outsider can gain access to the source code of scripts, possibly containing usernames and passwords, locations of MS Access MDB files or other sensitive information. CIAC says the risk is high.
* Click for CIAC Report and Solutions in K-068

Date: August 18, 2000
Platform: MS Windows
Warning About: VBS/Loveletter.bd Internet worm
Report From: NIPC (in addition to NAI and F-Secure's reports)
* Release Note: On August 17, 2000, the NIPC began tracking the propagation of this worm, which contains a password-stealing agent. When the infected system is rebooted, the Trojan proceeds to capture network password information and sensitive PIN information stored in the registry related to UBS online banking software. There have been 2 reports of this worm on United States sites.
* Click here for NIPC Alert 00-053 (Loveletter.bd)

Date: August 17, 2000
Platform: MS Windows 2000
Warning About: Potential Gap in Windows, IE 5.x
Report From: SANS Institute Online
* Release Note: SANS has a link to the New York Times article by Evan Hansen of CNET News.com. Evan starts off with "Noted bug hunter Georgi Guninski issued a security alert today warning that Microsoft Windows 2000 and later versions of Internet Explorer may be vulnerable to security problems planted in local and remote network folders."
* Click here for SANS News Link to Potential Gap

Updated
Date: August 17, 2000
Platform: Windows System
Warning About: VBS/Loveletter.bd VBScript Internet worm
Report From: NAI and F-Secure
* Release Note: This is a VBScript Internet worm which was based loosely on the original VBS/Loveletter worm. This worm does not damage files; however, it does contain another mechanism for downloading a password-stealing agent and launching it silently in the background. In addition, this worm steals PIN information stored in the registry related to UBS online banking software. This Internet worm is detected as "New VBS" using VirusScan 4.5 with heuristics enabled. You can protect yourself against VBScript worms by uninstalling the Windows Script Host. Please visit either NAI or F-Secure to find out how.
* Click for NAI New Report on LoveLetter worm
* Click for F-Secure New Report on LoveLetter worm

Date: August 15, 2000
Platform: MS Windows 2000
Warning About: W2K can leave systems unprotected
Report From: MSNBC Bug of The Day
* Release Note: Last week, BugNet reported an incompatibility between Windows 2000 Service Pack 1 and ZoneAlarm. After more testing with KeyLabs, BugNet was able to identify another personal firewall product that fell victim to Microsoft's update for Windows 2000.
* Click here for Win2000 and BlackICE at odds Report

Date: August 15, 2000
Platform: MS Windows 2000
Patch Available: Specialized Header Vulnerability
Report From: Microsoft TechNet Security
* Release Note: Microsoft has released a patch that eliminates a security vulnerability in Internet Information Server that ships with Microsoft Windows 2000. Under certain conditions, the vulnerability could cause a web server to send the source code of certain types of web files to a visiting user.
* Click here for MS Security Bulletin (MS00-058)

Date: August 12, 2000
Platform: A number of MS Products
Warning About: Scriptlet Rendering; Microsoft Office HTML Object Tag; File Permission Canonicalization
Report From: Microsoft TechNet Security
* Release Note: Microsoft has released a number of Security Bulletins dealing with the vulnerabilities listed above. Check out the bulletins below, in their respective order.
* Click here for MS Security Bulletin (MS00-055)
* Click here for MS Security Bulletin (MS00-056)
* Click here for MS Security Bulletin (MS00-057)

Date: August 11, 2000
Platform: PC
Warning About: NAI Various Viruses and Trojans
Report From: NAI
* Release Note: There are a few trojans and worms listed on the NAI New Viruses Page.
* Click here for Report on W32/Sysid.worm
* Click here for Report on W97M/Tpro.a
* Click here for Report on X97M/Jal.a
* Click here for Report on Girl Thing

Date: August 11, 2000
Platform: PC
Warning About: Microsoft "IE Script"/Access/OBJECT Tag Vulnerability
Report From: CERT
* Release Note: Under certain conditions, Internet Explorer can open Microsoft Access database or project files containing malicious code and execute the code without giving a user prior warning. Access files that are referenced by OBJECT tags in HTML documents can allow attackers to execute arbitrary commands using Visual Basic for Applications or macros.
* Click here for CERT Advisory CA-2000-16

Date: August 10, 2000
Platform: PC
Warning About: X97M/Barisada Excel macro virus
Report From: F-Secure
* Release Note: When an infected workbook is deactivated, the virus drops its code to the "hjb.xls" into the Excel startup directory. After Excel has been restarted, every workbook will be infected.
* Click for F-Secure Report about Barisada macro virus

Date: August 10, 2000
Platform: PC
Warning About: Netscape Allows Java Applets to Read Protected Resources
Report From: CERT
* Release Note: Netscape Communicator and Navigator ship with Java classes that allow an unsigned Java applet to access local and remote resources in violation of the security policies for applets.
* Click here for CERT Advisory CA-2000-15

Date: August 10, 2000
Platform: PC running Microsoft Outlook versions
Warning About: MS Outlook Express and others
Report From: National Capital Freenet (NCF) Help-Desk
* Release Note: Anyone using Microsoft Outlook or Outlook Express should keep abreast of ongoing security attacks by hackers that have the potential to cause very serious harm to the integrity of your files and introduce viruses! The latest critical security patch affects the following systems: Microsoft Outlook Express 4.0, 4.01, 5.0, 5.01, and MS Outlook 97/98/2000 users who use IMAP4 or POP3 servers.
* Click here for MS Patches and alerts for security bugs

Date: August 9, 2000
Platform: PC
Warning About: Stages Visual Basic Script worm
Report From: F-Secure
* Release Note: This Visual Basic Script worm mass mails itself as an e-mail attachment which has an SHS extension.
* Click for F-Secure Report about VBS/Stages Script worm

Updated
Date: August 9, 2000
Platform: Windows System
Warning About: LoveLetter VBScript worm
Report From: F-Secure
* Release Note: VBS/LoveLetter is a VBScript worm. It spreads through e-mail as a chain letter. It spreads using a mIRC client as well.
You can protect yourself against VBScript worms by uninstalling the Windows Script Host. For further information, please look at: http://www.F-Secure.com/virus-info/u-vbs/
* Click for F-Secure New Report on LoveLetter worm

Date: August 9, 2000
Platform: Internet connected system running Netscape
Warning About: Brown Orifice Trojan
Report From: SANS
* Release Note: There is a follow-up on the article from security expert Dan Brumleve, warning about Brown Orifice. SANS has a link to a Wired News article that has some interesting findings of Dan Brumleve, including how this hole "allows Java to open a server that can be accessed by arbitrary clients," and the second hole is more dangerous, and is only found in Netscape: It "allows Java to access arbitrary URLs, including local files."
* Click for SANS: Follow-Up: Brumleve Warns

Date: August 8, 2000
Platform: PC
Warning About: Adobe Security Update Patch
Report From: Adobe
* Release Note: Adobe has released an update which includes patches that eliminate security vulnerabilities in Adobe. By downloading and installing the Acrobat 4.05 Update 2, you will eliminate this vulnerability.
* Click for Acrobat 4.05 Update Update Page

Date: August 7, 2000
Platform: Internet connected system running Netscape
Warning About: Brown Orifice Trojan
Report From: NAI and SANS
* Release Note: Network Associates Inc. says: Brown Orifice (BrO) is proof of concept code designed to convert an Internet connected system running Netscape into a shared file server via a Java session. SANS has a couple of links to the story.
* Click for NAI Report about Brown Orifice Trojan
* Click for SANS: Brown Orifice Security Hole Discovered

Date: August 4, 2000
Platform: Windows System
Warning About: W97M_PIECE.A Macro Virus
Report From: SANS Institute Online
* Release Note: Aliases: PIECE.A, Macro.Office97.Melissa-based, W97M/Melissa.gen@MM, W97M.OutlookWorm.gen. SANS Institute has a link to Trend Micro, Incorporated, warning about W97M_PIECE.A Macro Virus.
* Click for SANS Report about W97M_PIECE.A Macro

Date: August 1, 2000
Platform: Windows System
Warning About: LoveLetter VBScript worm
Report From: F-Secure
* Release Note: VBS/LoveLetter is a VBScript worm. It spreads through e-mail as a chain letter. It spreads using a mIRC client as well. You can protect yourself against VBScript worms by uninstalling the Windows Script Host. For further information, please look at: http://www.F-Secure.com/virus-info/u-vbs/
* Click for F-Secure New Report on LoveLetter worm

Date: August 1, 2000
Platform: Windows System
Warning About: X97M/Barisada Excel macro virus
Report From: F-Secure
* Release Note: When an infected workbook is deactivated, the virus drops its code to the "hjb.xls" into the Excel startup directory. After Excel has been restarted, every workbook will be infected. The virus activates its payload at 2 pm on April 24th. At this time the virus shows two dialogs. Use the link supplied here to read more.
* Click for F-Secure Report about Barisada virus

Date: August 1, 2000
Platform: PC
Warning About: W97M/Model Word 97 macro virus
Report From: F-Secure
* Release Note: When an infected document is opened, the virus infects the global template and disables the built-in macro virus protection. After that all documents opened or created will be infected. Click the link here to read more about the different variants and their effect.
* Click for F-Secure Report about Model Word 97 macro virus

Date: August 1, 2000
Platform: PC
Warning About: W97M/Rendra Word 97 macro virus
Report From: F-Secure
* Release Note: When an infected document is opened, W97M/Rendra.A disables the macro virus protection and infects the global template. After that every document that is closed will be infected. When a new document is created, the virus inserts large green text into it.
* Click for F-Secure Report about Rendra Word 97 macro virus

Macintosh

Date: August 9, 2000
Platform: Mac System Software prior to Mac OS 9.0.4
Warning About: Hardware - Sleep Memory Extension
Report From: Apple Computer, Inc.
* Release Note: Apple has identified a bug in system software prior to Mac OS 9.0.4 which in very rare circumstances can prevent your computer from properly waking up from sleep. Though you will most likely never encounter this bug, we still recommend that all iBook and new PowerBook (FireWire) owners download and install the Sleep Memory Extension software patch which eliminates this bug. (The patch is not necessary if your computer is running Mac OS 9.0.4 or later.)
* Click for Apple's Sleep Memory Extension Info

Linux

Date: August 30, 2000
Platform: Caldera Linux
Warning About: /tmp file race in faxrunq
Report From: Caldera Systems, Inc.
* Release Note: Vulnerable versions include OpenLinux Desktop 2.3, eDesktop 2.4, OpenLinux eServer 2.3 and OpenLinux eBuilder. The mgetty package contains a number of tools for sending and receiving facsimiles. One of the tools, faxrunq, uses a marker file in a world-writable directory in an insecure fashion. This bug allows malicious users to clobber files on the system owned by the user invoking faxrunq.
* Click here for Caldera Advisory CSSA-2000-029.0

Date: August 25, 2000
Platform: Linux-Mandrake 7.1 and 7.0
Warning About: An easy Linux-Mandrake exploit
Report From: MSNBC Bug of the Day
* Release Note: In MandrakeSoft, Inc.'s Linux-Mandrake 7.1 and 7.0, bind is launched as uid/gid root, which allows potential vulnerabilities in bind to be more easily exploited. Use the update utility on your desktop to upgrade to a fixed version.
* Click here for MSNBC Report on Linux-Mandrake exploit

Date: August 24, 2000
Platform: Caldera Linux
Warning About: Ld.so unsetenv problem
Report From: Caldera Systems, Inc.
* Release Note: A bug has been discovered in ld.so that could allow local users to obtain super user privilege.
* Click here for Caldera Advisory CSSA-2000-028.0

Date: August 23, 2000
Platform: Red Hat Linux
Warning About: Red Hat Linux Root Exploit
Report From: MSNBC Bug of the Day
* Release Note: On Aug 22nd, BugNet reported a potential remote root exploit in rpc.statd in Red Hat Linux 6.0 through 6.2. This daemon is part of the nfs-utils package. They advise upgrading to the newest nfs-utils package. There are links available from MSNBC Bug of the Day.
* Click here for Aug 22: Red Hat Linux root exploit
* Click here for Aug. 21: Better update Red Hat Linux

Date: August 21, 2000
Platform: Caldera Linux
Warning About: Netscape java security bug
Report From: Caldera Systems, Inc.
* Release Note: Recently, a problem in Netscape's Java libraries was discovered that allows an applet to act as a web server on your machine, exposing all files on your system to the world. An exploit for this vulnerability has been published widely under the name "Brown Orifice".
* Click here for Caldera Advisory CSSA-2000-027.1

Date: August 19, 2000
Platform: Systems running the rpc.statd service
Warning About: Input Validation Problem in rpc.statd
Report From: CERT Advisories
* Release Note: The CERT/CC has begun receiving reports of an input validation vulnerability in the rpc.statd program being exploited. This program is included, and often installed by default, in several popular Linux distributions. The CERT says to upgrade your version of rpc.statd, disable the rpc.statd service, and to block unneeded ports at your firewall. More info in the advisory.
* Click here for CERT Advisory CA-2000-17

Date: August 17, 2000
Platform: Linux systems
Warning About: Compromises via rpc.statd Vulnerability
Report From: CERT/CC Current Activity
* Release Note: The CERT/CC is receiving reports of Linux systems being root compromised via a recently discovered vulnerability in rpc.statd. Red Hat and Debian have both released advisories and patches for their respective NFS packages. Please visit CERT/CC Current Activity for the links to Red Hat and Debian reports and patches.
* Click here for CERT/CC Current Activity
* CERT/CC Steps for Recovering From a Root Compromise

Miscellaneous

Date: August 30, 2000
Platform: 3COM Palm platform
Warning About: Liberty (Palm), Warez.prc, Crack 1.1 Trojan
Report From: F-Secure and Network Associates
* Release Note: LIBERTY.A is a simple trojan written for the 3COM Palm platform. When activated, the trojan deletes all application files on the device. For directions on removing the trojan from Palm devices and how files can be restored, visit the F-Secure site.
* F-Secure Anti-Virus v5.0 detects and disinfects this Trojan during synchronization operations, using the latest update available from http://www.F-Secure.com.
* Click for F-Secure Report on Liberty (Palm) Trojan
* Click for NAI Report on Liberty (Palm) Trojan

Date: August 24, 2000
Platform: PGP versions 5.5.x through 6.5.3, domestic and international
Warning About: PGP May Encrypt Data With Unauthorized ADKs
Report From: CERT Advisories
* Release Note: Additional Decryption Keys (ADKs) is a feature introduced into PGP (Pretty Good Privacy) versions 5.5.x through 6.5.3 that allows authorized extra decryption keys to be added to a user's public key certificate. However, an implementation flaw in PGP allows unsigned ADKs which have been maliciously added to a certificate to be used for encryption. Philip Zimmermann, author of PGP, says in part "The MIT web site should have a new PGP 6.5.x freeware release early Friday, and the NAI/PGP web site should have patches out for the commercial releases at about the same time."
* Click here for CERT Advisory CA-2000-18 on PGP

Date: August 22, 2000
Platform: Sun Microsystems Java Web Server
Warning About: Sun's Java Web Server Remote Command
Report From: Foundstone, Inc.
* Release Note: Using Sun's Java Web Server's administration module configuration and the Bulletin Board example application supplied with Java Web Server, it is possible to remotely execute arbitrary commands on the target system.
* Click here for Advisory FS-082200-11-JWS

Date: August 17, 2000
Platform: Mobile phone Web surfers
Warning About: Wireless Web privacy hole still wide open
Report From: Digital Desk WireTrap Alert
* Release Note: The Security Story of the Day has a link to the CNET News.com article written by staff writer John Borland. In Mr. Borland's article, he states in part "Mobile phone Web surfers from several service providers discovered last March that their wireless Web services were distributing their phone numbers to Web sites without telling them. The disclosure enraged privacy advocates and prompted at least one company--Sprint PCS--to promise quick changes."
* Click here for WireTrap's Security Story of the Day

Date: August 17, 2000
Platform: Irix 6.2 - 6.5.8 and patched versions of the telnet daemon in Irix 5.2 - 6.1
Warning About: IRIX telnetd vulnerability
Report From: CIAC
* Release Note: A vulnerability exists in the telnet daemon which can give an attacker remote root access.
* Click for CIAC Report and Solutions in K-066

Date: August 17, 2000
Platform: All releases of FreeBSD after FreeBSD 3.2-RELEASE and prior to the correction date (including FreeBSD 4.0 and 3.5, but not 4.1); Ports collection prior to the correction date.
Warning About: FreeBSD - dhclient vulnerable to malicious dhcp server
Report From: CIAC
* Release Note: The DHCP client does not correctly validate input from the server, allowing a malicious DHCP server to execute arbitrary commands as root on the client.
* Click for CIAC Report and Solutions in K-067

Date: August 15, 2000
Platform: E-Mail / PC
Warning About: HOAX: Reformat hoax
Report From: NAI
* Release Note: This is a hoax which is often sent with varying subject lines; however, the context remains the same. Ignore or delete email messages which match the pattern or description, as outlined in NAI's report.
* Click here for NAI's Report on this Reformat HOAX

Date: August 10, 2000
Platform: EPOC OS for hand held devices such as SIBO Siena and EPOC32 systems such as Psion
Warning About: EPOC Trojans Updates
Report From: F-Secure
* Release Note: There are a few new and updated EPOC warnings on F-Secure's Virus Information Page.
* F-Secure, EPOC Trojan Links: EPOC/Lights, EPOC/Alone

Date: August 9, 2000
Platform: EPOC OS for hand held devices such as SIBO Siena and EPOC32 systems such as Psion
Warning About: EPOC Trojans Updates
Report From: F-Secure
* Release Note: There are a few new and updated EPOC warnings on F-Secure's Virus Information Page.
* F-Secure, EPOC Trojan Links: EPOC/Fake, EPOC/Alarm, EPOC/BadInfo, EPOC/Ghost

Date: August 5, 2000
Discovery Date: August 3, 2000
Platform: EPOC OS for hand held devices such as SIBO Siena and EPOC32 systems such as Psion
Warning About: EPOC Trojans
Report From: NAI
* Release Note: These are trojan programs written for EPOC OS hand held devices such as SIBO, Siena and Psion. These trojans run processes in the background and do various things. Follow the separate links for each trojan, or use the link to go to the main NAI New Viruses and Trojans page.
* Network Associates Inc., EPOC Trojan Links: EPOC/Ghost.a, EPOC/Alarm.a, EPOC/Fake, EPOC/Alone, EPOC/BadInfo, EPOC/Lights
* Click for NAI New Viruses and Trojans Page

Date: August 2, 2000
Platform: PC
Warning About: Vulnerability Found in Lotus Notes
Report From: SANS Institute Online
* Release Note: none
* Click for SANS Information on Lotus Notes