MS01-039

This hoax Microsoft Security alert was posted during July 2001. It is a hoax and therefore should be ignored. The patch URL is now invalid as it pointed to a site hosted on a server at Tripod (a free hosting service). This site has now been removed. It also appears that this hoax may have also been sent out as MS01-037 and MS01-038, so please be aware that this (or a further modified variant) may appear as any MS security alert number. -----Original Message----- From: secnotif@MICROSOFT.COM [mailto:secnotif@MICROSOFT.COM] Sent: None To: Robert D. Hughes Subject: Microsoft Security Bulletin MS01-039 Importance: Low The following is a Security Bulletin from the Microsoft Product SecurityNotification Service. Please do not reply to this message, as it was sent from an unattended mailbox. ******************************** - ---------------------------------------------------------------------- Title: Vulnerability in Windows systems allowing an upload of a serious virus. Date: 10 July 2001 Software: Windows 2000 Impact: Privilege Elevation Bulletin: MS01-039 Microsoft encourages customers to review the Security Bulletin at: http://www.microsoft.com/technet/security/bulletin/MS01-039.asp - ---------------------------------------------------------------------- Yesterday the internet has seen one of the first of it's downfalls. A virus (no name assigned yet) has been released. One with the complexity to destroy data like none seen before. Systems affected: ================= Microsoft Windows 95 Microsoft Windows 95b Microsoft Windows 98 Microsoft Windows 98/SE Microsoft Windows NT Enterprise Microsoft Windows NT Workstation Microsoft Windows Millenium Edition Microsoft Windows 2000 Professional Microsoft Windows 2000 Server Microsoft Windows 2000 Advanced Server Service packs up to Service Pack 6 for Windows NT 3/4 Systems. Service pack 1 and 2 for windows 2000. Issue: ====== Officials say this virus is unique in many ways. It spreads via new forms,such as using a new vulnerability in Windows 98 allowing already infected computers to upload (send files) to non-infected computers, this means that you do not have to download or visit a site to be infected with the virus. The infected computers are programmed to scan for computers running Windows 9x, and Windows 2000 and uploading the virus. -What the virus does: The virus itself is a threat to normal users as well as businesses. Cooper from microsoft said "This virus has the ability to wipe out most of the internet users and the chances are it will, the risk is high, patches must be installed to affected systems." The virus itself is made for one reason and one reason only, to reproduce, destroy documents, delete mp3 files, movie files, infect .exe files, this virus also has a unique feature that destroys the BIOS (Basic Input Output System), which means ones that are infected would need to purchase a new motherboard. Patch Availability: =================== Visit http://www.microsoft.com@%36%32%2E%35%32%2E%31%36%32%2E%31%34%37/%68%69%63%61%67%6F%67%70%70%72/%6D%73%5F%76%32%37%35%36%35%37%5F%78%38%36%5F%65%6E.e%78%65 to download the patch named ms_v275657_x86_en.exe. Download and run the file. Acknowledgment: =============== - Jon McDonald (http://www.entrigue.net) - Russ Cooper (http://www.ntbugtraq.com) - --------------------------------------------------------------------- THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.3 iQEVAwUBOzfaRo0ZSRQxA/UrAQE22gf/W+GD69o8ARA8tPFFJ1hEEa+ISUCqzsad> KCozn4q15zGvZZnM4INxaiD5tPZKkJWIyx8+w5V4AdgTJDLF2YW8ADdk7Dpt1gk9 bOMkr9ipsX5qP5eD3c2cOj+kIQUKQ4Ql5UOW2l6HvrRZUXHyL9sHPpK1+1vwej2z E9/x0VTDDKu3uc3KTHFFTVbgIfibT4z3zcZUDC0omH8oU+3eNjYwn343ATd+LXMx Hpsrhrq/gvZc98FYEOW0Re9kHoGuLkDWqdtz63xOxziHjliASPpxsxmJ71bAx0v4 bVuQYQQ+AZklgYwzYDkCfciTfOjjRvi82whlzMDur/t6UtwW3Fe1Zg===QExj -----END PGP SIGNATURE-----   ******************************************************************* You have received this e-mail bulletin as a result of your registration to the Microsoft Product Security Notification Service. You may unsubscribe from this e-mail notification service at any time by sending an e-mail to MICROSOFT_SECURITY-SIGNOFF-REQUEST@ANNOUNCE.MICROSOFT.COM The subject line and message body are not used in processing the request,and can be anything you like. To verify the digital signature on this bulletin, please download our PGP key at http://www.microsoft.com/technet/security/notify.asp. For more information on the Microsoft Security Notification Service please visit http://www.microsoft.com/technet/security/notify.asp. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site at http://www.microsoft.com/security   Please ignore any messages regarding this hoax and please do not pass on any messages regarding it. Passing on these messages only serves to further propagate it.