VISUAL NEWSLETTER – AUG 2003           


 

THE INTERNET WORMS

 

For some time now, the world has been battling with E-mail Worm Viruses. This form of virus infects an e-mail attachment, and when opened by an unsuspecting user it emails itself to everyone in your address book. This type of virus can be controlled fairly effectively by keeping your anti-virus up to date and deleting unsolicited e-mail.

 

The Internet Worm Viruses of late are far more difficult to deal with. They come in through your Internet connection without any assistance from the computer user. They can hunt down vulnerable computers in a matter of minutes causing a variety of calamities as well as significant network traffic problems for companies as they search for another computer to infect.

 

These Viruses exploit weaknesses in Windows itself to attack your computer by entering via the “Back Door”. This refers to security vulnerabilities in Windows, that your Anti-Virus is unaware of. The MS-Blast Virus came in through this hole in Windows security and initiated a Reboot of the computer just before the Anti-Virus became aware of it. At that point it was too late.

 

Microsoft announced this particular vulnerability weeks before the Virus took advantage of it. They put a patch on their Windows Update site allowing users to fix the problem, but many users do not take advantage of these updates. Automatic updates should be enabled if possible.

 

Curiously another similar Virus came along using the same entry point but when it infected a computer, it downloaded the patch to repair the vulnerability. This led many industry pundits to label it a “Good Virus”. Unfortunately it caused many of the same network traffic problems while it actively searched for computers to repair.

 

Surprisingly Microsoft and Authorities are getting better at tracking down the source of new viruses and the creator of the MS-Blast virus was apprehended and charged within a couple of weeks of the virus’s release. He turned out to be an 18 year old.

 

AN OUNCE OF PREVENTION

 

To repair defects in Windows and repair vulnerabilities that are identified almost weekly, Microsoft has set up the Windows Update site. This site analyzes the status of your computer and determines which updates you need to bring your current version of Microsoft Windows up to date.

 

You can configure Windows for automatic downloads of critical updates by adjusting properties under My Computer in Win-XP. This only downloads significant updates. Some updates that you might still find useful are only available from the site.

 

To get to the Microsoft Windows Update site, go into Internet Explorer and look in Favourites, Favourites/Links or Tools depending on your Windows version. You can also type in the full site address:  http://v4.windowsupdate.microsoft.com

 

Updates are limited for older versions of Windows but most new viruses seem to have targeted the newer versions anyway. Many of these individuals seem to have a grudge against Microsoft so attacking older more vulnerable versions would probably just help Microsoft sell more copies of their newer version. It always seems more challenging to go head to head with the flagship of their product line as well.

 

Occasionally a Windows Update will cause a problem rather than prevent one. Like seatbelts however, these updates still prevent far more problems than they cause.