Beginning March 2nd, 2020 the Mailing Lists functionality on RootsWeb will be discontinued. Users will no longer be able to send outgoing emails or accept incoming emails. Additionally, administration tools will no longer be available to list administrators and mailing lists will be put into an archival state.
Administrators may save the emails in their list prior to March 2nd. After that, mailing list archives will remain available and searchable on RootsWeb
This is the next step in Virus activity as
Note that this virus infects even the user who does
NOT open the attachment, but merely opens the basic
email in a preview pane or otherwise even tries to read
the basic email itself. So those that depend
on their virus protection as being "don't open
attachments" are going to get caught here.
Also recognize that this virus is far worse
that SirCam etc etc. I've also seen warning of the
next mutant of this being a really dangerous
payload. It was also self mutate.
John A Hansen
From: Peter Mueller [mailto:email@example.com]
Sent: Tuesday, September 18, 2001 1:42 PM
To: Incidents List
Cc: Vuln Dev
Subject: RE: New "concept" virus/worm?
<exerp from securityfocus>
Experts are tracking a fast-spreading virus that propagates both by sending
itself as an email attachment, and by hacking into vulnerable web servers.
The W32.Nimda.A@mm worm infects IIS servers by exploiting the 'MS IIS/PWS
Escaped Characters Decoding Command Execution Vulnerability' -- the same
hole exploited by the recent Code Blue worm.
The worm also attacks Microsoft Outlook users, arriving as an apparently
blank message with an attachment called 'readme.exe.' As with other viruses,
opening the attachment will infect the machine.
But unlike most so-called mass mailers, Nimda can also infect Outlook and
Outlook Express users who know better than to open strange attachments. By
exploiting a bug in Internet Explorer discovered last March, the worm is
able to infect victim computers when the email is read, or even displayed in
Outlook's preview pane.
A patch for the 'Microsoft IE MIME Header Attachment Execution
Vulnerability' is available from Microsoft's web site.
Once it has infected a machine, Nimda exposes local hard drives to the
network, and spreads further through already-open file shares.
Cyber security mailing lists began buzzing with word of the W32.Nimda.A@mm
worm Tuesday morning, after network administrators noticed a massive
increase in probes for unpatched Microsoft's IIS web server software.
No destructive payload was immediately identified in the worm, but network
administrators report that the worm consumes massive amounts of bandwidth in
its feverish search for vulnerable servers.
The virus comes at a time of heightened sensitivity to Internet attack.
On Monday the U.S. National Infrastructure Protection Center (NIPC) issued
an advisory warning that a group of vigilante hackers called 'The
Dispatchers' have threatened to launch distributed denial of service attacks
against unnamed Internet hosts, in response to the September 11th terrorist
attacks on the United States.
"The Dispatchers claim to have over 1,000 machines under their control for
the attacks," the advisory reads. "It is likely that the attackers will mask
their operations by using the IP addresses and pirated systems of uninvolved
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
There is a nasty worm making the rounds today.
Discovered on: September 18, 2001
Last Updated on: September 18, 2001
at 12:38:50 PM PDT
Symantec Security Response has received a number
of submissions on W32.Nimda.A.@mm and is rating
it as a Category 4.
Please update your AV software ASAP.
I subscribe to numerous virus and security
email lists and will try to keep you advised
of Class 4 virus threats after I verify that
it is not a hoax.
John A Hansen