September 23 , 2003

TODAY'S HEADLINES -

** New Virus poses to be from Microsoft
** Tech Quiz
** Services you shuld block on your firewall
----------------------------------------------------

New Virus poses to be from Microsoft

A new e-mail worm has started to spread quickly, taking advantage of an Internet Explorer vulnerability that was first disclosed two years ago.
The bug, which has been alternately dubbed Swen and Gibe.F, appears to exploit a flaw that Microsoft first disclosed in a March 2001 security bulletin.

Ken Dunham, manager of malicious code intelligence for Reston, Va.-based iDefense, said that Swen preys upon people's best intentions, appearing as an e-mail that purports to be a security update from Microsoft.

The worm is programmed to send an official-looking e-mail that says it contains a "cumulative patch" for several Internet Explorer, Outlook and Outlook Express vulnerabilities.

A Microsoft representative noted that the software maker does not send out patches as e-mail attachments.

In addition to spreading via e-mail, experts said, Swen can be transmitted over services such as Internet relay chat (IRC) and through peer-to-peer networks. The virus turns on file sharing--if it is not already turned on--and creates a shared directory with multiple copies of itself under various file names, said Kevin Haley, a group product manager at Symantec Security Response. Among the files Swen tries to disguise itself as are virus removal tools.

Haley said the social engineering that the virus writer used is most troubling.

"Those things are pretty interesting and pretty dangerous," he said.

The threat posed by Swen is rated fairly low by antivirus companies such as McAfee and Symantec, despite the worm's growing prevalence. "It doesn't look like it is causing a lot of trouble at least right now," Haley said. The threat is somewhat higher for home users and users outside the United States who are more likely to be using older, unpatched software, McAfee said.

"Swen is quickly gaining ground in Europe and has the potential to become very widespread in a short period of time," Dunham said in an e-mail.

The emergence of Swen comes as security companies have warned that a potentially major bug could soon emerge based on a recently disclosed Windows vulnerability. Experts said earlier this week that code that could quickly be used to create such a bug are already being distributed on underground hacker sites.

Tech Quiz
---------------------------------------------------------------

How long does a password need to be before it becomes uncrackable?

Answer: No password is uncrackable. With enough time and resources all passwords can be cracked.

Tech Tip
---------------------------------------------------------------

Services you should block on your firewall
The network security of anorgranization is usually designed around the company. However, these are a few services that should be blocked at the firewall if peace of mind is what you seek.

---------------------------------------------------

To access previous newsletters, go to http://www.veemost.com/newsletter.htm

---------------------------------------------------

WHEN YOUR NETWORK IS TOAST, CALL VEEMOST

We have risen to the task many times. We can help you get your network back to normal. Save yourself some time, we are just a phone call away.

Call VeeMost at 330-928-1100 or 1-877-VeeMost