For your information.
Donna King
----- Original Message -----
From: "Helen Jones" <hsj(a)melcombe.freeserve.co.uk>
To: <DORSET-L(a)rootsweb.com>
Sent: Saturday, February 16, 2002 3:37 PM
Subject: [DOR] Fw: [itss-a] Virus alert: JS/Coolnow spreads via MSN (fwd)
This warning has been posted to the Listowners list for distribution
to
the
lists just in case - update your virus checkers now! Once again it
affects
Microsoft Internet Explorer only.
To: <LISTOWNERS-ENGWLS-L(a)rootsweb.com>
Sent: Friday, February 15, 2002 5:37 PM
Subject: Fw: [itss-a] Virus alert: JS/Coolnow spreads via MSN (fwd)
> Security patches ahoy even for IE6 ...
>
> Wendy
>
> ----- Original Message -----
> >
>
> Date: Thu, 14 Feb 2002 18:05:57 +0000
> Subject: [itss-a] Virus alert: JS/Coolnow spreads via MSN
>
> Please note that Sophos have issued a warning regarding the JS/Coolnow-A
> javascript worm, alias JS.Menger.worm.
>
> This worm uses MSN to propagate, by exploiting a vulnerability in
Internet
> Explorer.
>
> Both Sophos and F-Secure have issued updates that detect this worm. The
> Sophos updates can be downloaded from
>
>
http://www.sophos.com/downloads/ide/ and from:
> ftp://micros.oucs.ox.ac.uk/SL/SOPHOS/idefiles/
>
> Microsoft issued a cumulative patch that fixes this problem on 11
February.
> It only applies to certain versions of Internet Explorer (5.01 on
Windows
> 2000 sp2 only, 5.5sp1, 5.5sp2 and 6). Details are available
here...
>
http://www.microsoft.com/technet/security/bulletin/MS02-005.asp
>
> It would seem advisable to update your anti-virus software and patch
> Internet Explorer.
>
> The Sophos description is included below.
>
>
>
> JS/Coolnow-A
> Aliases JS.Menger.worm
> Type JavaScript worm
>
> Detection
>
> A virus identity file (IDE) file which provides protection is available
now
> from the Latest virus identities section, and will be incorporated into
the
> April 2002 (3.56) release of Sophos Anti-Virus.
>
> At the time of writing Sophos has received just one report of this worm
> from the wild.
>
>
> Description
>
> JS/Coolnow-A is an MSN Messenger worm which exploits a vulnerability in
> Microsoft Internet Explorer.
>
> The body of the worm exists on a web page. When the page is viewed by a
> vulnerable user the worm will send a message to all the user's MSN
> Messenger contacts. The message will ask the recipient to visit the
> affected web page.
>
> The text of the message will vary according to the affected web page but
> may be similar to "Go to: http://<address of affected website>".
>
> The worm makes no modifications to a user's system.
>
> Microsoft has issued a security patch which secures against the
> vulnerability. It is available at
>
http://www.microsoft.com/technet/security/bulletin/MS02-005.asp
>
>
> ==== LISTOWNERS-ENGWLS Mailing List ====
> .
>
>
______________________________