Articles in this Topic Discussions in this Topic

Computer Security Weekly, August 2, 1999

Aug 2, 1999

Due to the prevalence of Microsoft Word macro viruses, more and more people are turning to the WordViewer program provided by Microsoft, and making it the default application for .DOC files. Unfortunately, the installation of WordViewer does *not* always fix the problem. Even if you choose to have it become the default application for Word documents, a number of application will still call for Word, and these must be changed individually. Oddly, Outlook and Outlook Express seem to be two of the worst culprits.

Still on Word macro viruses, here is yet another example of a loophole in Word's "macro virus protection" feature. If you select multiple documents to print from Windows Explorer, Word will open them sequentially to print--but without running the macro check. Therefore, you can be infected, without warning, even if you have the macro virus feature enabled.

The Falun Gong sect in China appears to have some net savvy adherents: at least they are producing massive quantities of spam in support of their cause. They also have Web sites up on the net, based in countries other than China. Chinese authorities, however, in a remarkably net savvy retaliation (for a government), seem to be attacking ISPs that host the sites. A number of Canadian ISPs, as the Web site is moved from host to host, have come under denial of service attacks with packets apparently originating from The Information Service Center of XinAn, Beijing, China, and other locations in China.

Falundafa
Bestnet Internet Inc.
Asia Pacific Information Center

The network dialler in Windows NT has an overflow bug that can pass data to be executed, and which can be used to set up attacks. Note that the attack can only be initiated from the system itself, but it can be used to cause programs to run with high privilege once an administrative user signs on.

Microsoft Security Bulletin (MS99-026)
MS99-026 Frequently Asked Questions
Microsoft KB article Q237185 (not available at time of writing)

mailto:rslade@vcn.bc.ca
mailto:rslade@sprint.ca
mailto:robertslade@usa.net
mailto:p1@canada.com

http://victoria.tc.ca/techrev/rms.htm

http://sun.soci.niu.edu/~rslade/rms.htm

http://www97.pair.com/robslade/

Robert Slade's Guide to Computer Viruses, 0-387-94663-2, (800-SPRINGER)

Go To Page: 1

The copyright of the article Computer Security Weekly, August 2, 1999 in Computer Security is owned by . Permission to republish Computer Security Weekly, August 2, 1999 in print or online must be granted by the author in writing.

Join the latest discussions

Email Article

View All Articles

reference