| Author |
 Topic Search  Topic Options
|
dpyers 
Senior Member
Joined: 12 May 2003
Status: Offline
Points: 3937
|
 Post Options
 Thanks(0)
 Quote  Reply
 Topic: Virus warning for people running IIS
Posted: 25 June 2004 at 4:06pm |
|
|
Lead me not into temptation... I know the short cut, follow me.
|
 |
Mart
Senior Member
Joined: 30 November 2002
Status: Offline
Points: 2304
|
Post Options
Thanks(0)
Quote Reply
Posted: 25 June 2004 at 4:19pm |
|
That sucks, is there not a hotfix availiable yet?
|
|
dpyers
Senior Member
Joined: 12 May 2003
Status: Offline
Points: 3937
|
Post Options
Thanks(0)
Quote Reply
Posted: 26 June 2004 at 12:00pm |
Here's an update on the situation. Still awaiting the 3rd fix from MS. Apparently W2K sites enabling emailing attachments such as those using osticket were among the targets. Once a site's infected, you can catch the infection on your local pc just by visiting the site.
XP Svc Pack 2, RC2 people are safe.
The MS site has info on how to detect if you're infected:
http://www.microsoft.com/security/incident/download_ject.msp x
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2004/06/26/ BUGND7CI841.DTL
Edited by dpyers
|
Lead me not into temptation... I know the short cut, follow me.
|
|
huwnet
Senior Member
Joined: 30 May 2003
Location: England
Status: Offline
Points: 1375
|
Post Options
Thanks(0)
Quote Reply
Posted: 26 June 2004 at 12:25pm |
I am rc2 
|
|
Semikolon
Senior Member
Joined: 09 September 2003
Location: Norway
Status: Offline
Points: 1718
|
Post Options
Thanks(0)
Quote Reply
Posted: 26 June 2004 at 1:35pm |
an update is already finished.......
 Microsoft wrote:
Reports indicate that Web servers running Windows 2000 Server and IIS
that have not applied update 835732, which was addressed by Microsoft Security Bulletin MS04-011, are possibly being compromised and being used to attempt to infect users of Internet Explorer with malicious code. |
it was released months ago..
Or am I wrong?
|
|
dpyers
Senior Member
Joined: 12 May 2003
Status: Offline
Points: 3937
|
Post Options
Thanks(0)
Quote Reply
Posted: 26 June 2004 at 2:51pm |
Semikolon wrote:
an update is already finished.......
Microsoft wrote:
Reports indicate that Web servers running Windows 2000 Server and IIS that have not applied update 835732, which was addressed by Microsoft Security Bulletin MS04-011, are possibly being compromised and being used to attempt to infect users of Internet Explorer with malicious code. |
it was released months ago..
Or am I wrong?
|
Apparently 3 patches are required. Two are already out, but the 3rd hasn't been released yet.
|
Lead me not into temptation... I know the short cut, follow me.
|
|
dpyers
Senior Member
Joined: 12 May 2003
Status: Offline
Points: 3937
|
Post Options
Thanks(0)
Quote Reply
Posted: 26 June 2004 at 2:53pm |
huwnet wrote:
I am rc2 |
Not me. IIRC, the lions ate the early christians - 
|
Lead me not into temptation... I know the short cut, follow me.
|
|
Semikolon
Senior Member
Joined: 09 September 2003
Location: Norway
Status: Offline
Points: 1718
|
Post Options
Thanks(0)
Quote Reply
Posted: 26 June 2004 at 4:33pm |
dpyers wrote:
Semikolon wrote:
an update is already finished.......
Microsoft wrote:
Reports
indicate that Web servers running Windows 2000 Server and IIS that have
not applied update 835732, which was addressed by Microsoft Security Bulletin MS04-011, are possibly being compromised and being used to attempt to infect users of Internet Explorer with malicious code. |
it was released months ago..
Or am I wrong?
|
Apparently 3 patches are required. Two are already out, but the 3rd hasn't been released yet. |
sorry, my bad.. didn't read the MSNBC news before I read the Download.Ject page on MS.com
|
|
