eradicating the KAK virus

From: Jim Fackert (jfackert@cac.net)
Date: Thu May 04 2000 - 18:56:52 EEST


Sorry, I guess I inserted the wrong web site URL. Here's a better write up
with URLs on the KAK virus that is infecting the list:

The KAK worm "virus" was introduced at this message and has propagated into
other messages which means some others of you have been affected .
I've sent private messages to the other people whose messages are also
visibly affected but there will probably be others.

Unfortunately THIS WORM DOES NOT REQUIRED YOU TO RUN AN ATTACHMENT - IT RUNS
BY JUST VIEWING THE MESSAGE.
Yes, I know this is the sort of rubbish claim that has been made in the past
and we all KNOW that you have to actually run an attachment.
Sorry guys (and gals), someone's caught up with a Microsoft loophole!.

There is a loophole in Windoze / Internet Explorer versions 4 and 5.

This version of the worm is fairly harmless - just don't expect to use your
PC on the 1st of the month after 5pm.
New versions could easily be much more malicious.
The patch from Microsoft (available via the link below) closes the loophole.
=========================

This is a worm which affects Microsoft Outlook and delivers it's payload on
the 1st of the next month at 5pm

The present payload is just to shut down your PC anytime after 5pm on that
date (and possibly any date thereafter?) but there will no doubt be worse
variants following.

You can remove this virus using instructions at

http://www.sarc.com/avcenter/venc/data/wscript.kakworm.html

There is also a link to a Microsoft patch to close the loophole.

A "giveaway" is that if you are reading offline the system MAY try to log
you on when you read the infected message(s)

For more information about the rp-ml, see http://ltk.hut.fi/rp-ml/



This archive was generated by hypermail 2.1.2 : Tue Jun 05 2001 - 23:03:24 EEST