Note: To protect the privacy of our members, e-mail addresses have been removed from the archived messages. As a result, some links may be broken.

Lesson Plans


[ Thread ][ Subject ][ Author ][ Date ]
Lawrence A. Parker/OCCTI (occti)
Wed, 10 Nov 1999 08:46:51 -0500

Reuters is reporting that

Researchers have discovered what they believe to be the first e-mail-borne
computer infection that doesn't require a user to open an e-mail or e-mail
attachment for it to wreak havoc.

Dubbed "Bubbleboy" after an episode of TV sitcom "Seinfeld," the virus is
known as a worm because it is self-propagating ...

"Historically, as long as you don't open e-mail attachments you're safe
from virus infection, but this changes all that," said Sal Viveros, a
marketing manager at Network Associates.

[You can read the entire Reuters story online at ]

Ignore the hysteria, folks -- here is what is *REALLY* going on. There is a
significant security hole in Microsoft
Windows 98 (and later versions of 95) that could conceivably give some
nefarious netizen the ability to do ANYTHING to your computer -- like erase
your files, format your hard drive, and so on. Because Microsoft's products
are so closely integrated, this security hole affects anyone who uses
Microsoft Internet Explorer 4 or 5 ... and, from what I can gather, it also
affects anyone who uses Microsoft Outlook or Outlook Express.

"Bubbleboy" takes advantage of this well-known security hole.

Now for the good news: Microsoft released a software patch that fixed this
hole way back on August 31st! As long as you install the patch, you have
nothing to worry about. Bubbleboy will NOT get you!

Here is how to download and install the patch:

1. Go to Start --> Settings --> Windows Update on your PC. This
launches Internet Explorer and connects you to Microsoft's
Windows Update page [ ]

2. On the left-hand side of the page, click on the "Product
Updates" link (it is the one with the hand and the red *)

3. A pop-up window will appear, telling you to wait while your
computer DOESN'T send any information to Microsoft (well,
that's what it says!)

4. Eventually, you'll see a page that says "Select Software."
When Microsoft releases an essential update or patch, they put
it in this page's "Critical Updates" section. So, click on
EVERYTHING in the "Critical Updates" section and then click on
the big, grey "Download" arrow in the top right hand corner of
the page. [The file that fixes the Bubbleboy security hole is
called "Update for Security Vulnerabilities in
'Scriptlet.typlib' and 'Eyedog' ActiveX Controls," but you
might as well download ALL of Microsoft's critical updates
while you're at it -- it is better to be safe than sorry.]

5. Follow the on-screen prompts. That's it! :)

You are currently subscribed to artsednet as:
To unsubscribe send a blank email to leave-artsednet-4261K