In computer news this week, 06/05/2002

The world is experiencing the worst virus since the I love you and Mellisa virus, but this one's even worse...

According to data compiled from Panda Antivirus in May, the Klez worm was worst computer virus for the second month running. The data compiled from Panda's online virus scanner shows that Klez was responsible for just over 20 percent of infections detected.

Klez is a rapidly-spreading e-mail worm that sends itself out to all addresses in the

affected computer's address book and has variable message texts and subject fields. It can also change the apparent e-mail address of the sender to give the impression that it has been sent from an address other than that of the affected computer.

Other characteristics that go to explain Klez topping the ActiveScan list include the fact that it exploits a known vulnerability in Internet Explorer - already corrected by Microsoft (but not in the version you now have on your older computer) -, which allows the infected file to run automatically when the message is viewed in the preview pane.

This is an important point - it used to be that most viruses came as attachments to your email, and if you were suspicious of something sent to you - you could choose to not open the attachment and delete it and you would be safe. But the Klez virus can infect you by your viewing the email.

A few weeks ago I did a show on stale software - meaning that in today's internet environment you have to constantly keep updating your software; particularly programs that are vulnerable to hackers and viruses, like your web browser and your email program. The number 1 web browser is Microsoft's Internet Explorer, and it is virtually Swiss cheese in terms of the many security holes that have been discovered in it and exploited by hackers and virus writers. You can go to microsoft.com and download the newest security fixes for internet explorer and earlier versions of outlook mail. There are a couple of ongoing patches for many of Microsoft's programs, and you may find you need to download first one patch; execute and install it - then download the next patch.

If you use outlook express, as millions of people do, you need to disable the preview pane - click on the view menu, select layout, and disable the show preview pane checkbox.

Technically the klez virus makes use of an incorrect mime header than can cause IE to execute email attachments without actually being opened, due to a security hole in the program.

Most of the major antivirus vendors are offering free patches to clean up the Klez and other viruses, but this is a reactive measure and you may lose important data if you get hit. Panda Security offers a patch for the Klez and other viruses at their website - www.pandasecurity.com - a file named pqremove which will check for and remove most of the current viruses, but this is after the damage has already been done.

All this leads to an article which appeared in Wednesday's local paper, saying that the government is also tired of security holes in Microsoft products, and is discussing forcing changes. You would think that if 12 year old hackers can find security holes in Microsoft programs, the company itself could have its own team of hackers testing its own software for vulnerability.

Ah, but we might as well try and catch the wind - and just remember to keep all our software updated, our virus programs updated, and treat every new email with suspicion.

For Raw Bytes, This is Frank Delaney

POB 222 Spangle, Wa 99031 (509)245-3736 624-7230