Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : WCOM -- Ignore unavailable to you. Want to Upgrade?

To: joarel who wrote (3623)	12/23/1998 8:18:00 AM
From: paul t	Respond to of 11568

Information on the "Remote Explorer" or "RICHS" Virus Originally Posted: December 22, 1998 Microsoft takes the safe computing of its customers seriously. We were informed of the discovery of this virus on December 19th by Network Associates, Inc., and we worked closely with them to identify and understand it. The virus has been thoroughly studied, and the information will be made available to all major virus vendors in order to allow them to develop countermeasures against it. There has been a considerable amount of discussion about this virus, some of it exaggerated. Here are some facts about this virus: It follows the traditional virus scenario. It runs under the privileges of the user, installs copies of itself into executable files and spreads when they are passed to other computers and executed there, and it may take destructive action against the user's files. It does not exploit any security vulnerabilities in the Windows NT operating system What is unusual about this virus is that, when the infected executable is executed by a local administrator, it uses the administrator's privileges to install itself as a service. The service then waits until a domain administrator locally logs onto the computer on which it is running, and uses the administrator's privileges to infect executables on the network. When the infected executable file is transported to a new machine, it starts the infection process anew. Normal, safe computing precautions are sufficient to reduce the likelihood of infection: Install and use anti-virus software as a matter of policy Ensure that your anti-virus software is up-to-date Avoid downloading unsigned executables, or executables whose origin you do not know. Virus-scan any executables that you choose to download. Log on as an administrator only when necessary. Whenever possible, run as a normal user—perform normal activities like checking e-mail and web surfing from a user-level account For additional information about this virus, visit the Network Associates, Inc., web site. For additional security-related information about Microsoft products, please visit microsoft.com -------------------------------------------------------------------------------- THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. © 1998 Microsoft Corporation. All rights reserved. Terms of Use.