Also received today. ----- Forwarded message from unsubscribe@xxxxxxxxxx ----- Date: Wed, 13 Aug 2003 12:01:13 +1000 (EST) From: unsubscribe@xxxxxxxxxx Reply-To: unsubscribe@xxxxxxxxxx Subject: Update: Vet Virus Notification for Win32.Poza worm To: megranat@xxxxxxxx -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Vet Virus Notification for Win32.Poza worm ===================================================================== The VET Support team has received increased numbers of reports for the Win32.Poza worm (also known as Blaster or MSBlast) and are advising clients to update their anti-virus protection immediately. Please note that due to way this worm exploits a vulnerability in Microsoft Windows XP, 2000 and NT 4.0, having the latest antivirus signatures is NOT enough to prevent your machine from being compromised. If you were infected with the Win32.Poza (Win32.Dcom.RPC, MSBlast) worm, and your machine is constantly shutting down, you can enable your Windows XP Firewall to stop this. To do this: Click Start Click Control Panel Double Click \\\"Network Connections\\\" Right-click on your Dial up Connection, then left click \\\'Properties\\\' Left Click \\\'Advanced\\\' Under \\\"Internet Connection Firewall\\\" tick the box \\\'Protect my computer and networking by limiting or preventing access to this computer from the internet\\\' Click Ok Close the \\\"network connections\\\" box. You can then connect to the Internet and download the Microsoft patch from this link: http://www.microsoft.com/technet/security/bulletin/MS03-026.asp IT IS VITAL THAT YOUR SYSTEM IS PATCHED AGAINST THE VULNERABILITY THIS WORM EXPLOITS. Without the patch, you cannot stop the worm from infecting or re-infecting your system. If you have \\\"Windows XP Home\\\" or \\\"Windows XP Professional, you can select the \\\'Windows XP 32 Bit Edition\\\' link for the patch. Download it to your desktop, and then run the patch to install, rebooting when prompted to do so. Then login to the Internet again, Autodownload the latest VET virus update and complete a full scan of your pc. Please note if you are running Windows 95/98/ME, you are not affected by the Dcom RPC exploit, however you should always follow safe computing practices and download the Vet signature update files regularly. To download the most recent update for Vet 10.5, please visit: http://www.vet.com.au/update or do an Autodownload using the Vet Autodownload tool in the Tools menu in the Vet application. For more information about Win32.Poza worm, please visit our Virus Information Center on: http://www.vet.com.au/html/zoo/poza_information.htm and http://www3.ca.com/virusinfo/virus.aspx?ID=36265 Microsoft have also provided additional information on how to protect yourself from Poza. http://www.microsoft.com/security/incident/blast.asp Vet Support Team support@xxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE/OZhh1PrPREyzhWARAtooAKDBzQsKLr0wECwdWHo7cIkkgLzndACgwd3h 6iCz92BAeQ1HJX3E+K7Jq4M= =kW9u -----END PGP SIGNATURE----- X-Vet-Email-ID: 12214 ----- End forwarded message ----- ************************************************** To post a message to austechwriter, send the message to austechwriter@xxxxxxxxxxxxxx To subscribe to austechwriter, send a message to austechwriter-request@xxxxxxxxxxxxx with "subscribe" in the Subject field. To unsubscribe, send a message to austechwriter-request@xxxxxxxxxxxxx with "unsubscribe" in the Subject field. To search the austechwriter archives, go to www.freelist.org/archives/austechwriter To contact the list administrator, send a message to austechwriter-admins@xxxxxxxxxxxxx **************************************************