[TECnewhw] virus alert warning

Trevor Cordes trevor at tecnopolis.ca
Sat Sep 25 06:52:38 CDT 2004


An extremely critical flaw has been found in many Microsoft programs that
will probably become (in my expert opinion) one of the biggest virus
threats of the year.  I'm referring to the "JPEG vulnerability" bug.  Very 
shortly this will allow hackers to run any program they want on your 
computer simply by having you view an image file, like one on a web 
page, in an email or a Word document.

Microsoft has already patched this bug.  I strongly urge all my customers
to run all Windows Updates related to this threat.  Actually, I urge you
to run ALL Windows updates (except the "hardware/driver" ones, which can
sometimes cause problems).  Keep in mind that my previous warning about XP
SP2 still applies.  If you are running a business with some custom
software or are running any weird software, be careful (and consult with
me) before installing XP SP2.  If you are a home user or are not doing 
anything "weird" then installing XP SP2 is a really good idea.  Me and my 
colleagues have tested it extensively over the past couple of weeks with 
great success.

If you are running outdated software such as Windows 95/98/ME or Office 97 
or an old version of Works (5 and earlier), then consider this a good time 
to upgrade.  Microsoft may not be issuing patches for said software 
leaving you completely vulnerable.

To run Windows Update, go to the START menu, then click on WINDOWS UPDATE.  
Depending on your version, it may be in the main start menu area, or under 
ALL PROGRAMS.  Follow the instructions.  If something on the page doesn't 
appear to work correctly, press CONTROL-F5 and then it should work.

Also, if you have Office or Works you must update Office.  On the Windows 
Update site you went to above, there is a link at the top that says OFFICE 
UPDATE.  Click that and then click CHECK FOR UPDATES and follow the 
instructions.  You'll need your Office CD handy.

Lastly, I'll again warn you against trusting anything that comes in an
email.  Never follow a link or run a program from an email.  Beware of
"phishing" emails which are emails that appear to be from ebay, paypal,
your bank or another company you know claiming they need you to verify
your password, or other such nonsense.  They will steal your password and
then all your money or good ebay reputation.  Again, never follow a link
in an email, instead you can open a new browser and type the company's web
site address in by hand.  That way you can be sure you are not being
spoofed.

DISCLAIMER: this warning is provided as a service to my customers.  I 
cannot be held responsible for any damage or downtime these instructions 
may cause.  Updating your computer is always slightly risky, depending on 
your configuration and usage patterns.  However, in this case the risk of 
not updating will far outweigh the risk of updating.


More information about the TECnewhw mailing list