[thelist] Fwd: URGENT MICROSOFT SECURITY ANNOUNCEMENT

Peter Kaulback pkaulbak at idirect.ca
Mon Jul 30 15:44:42 CDT 2001 

It seems MS is expecting another round of the Code Red worm tomorrow
>Approved-By: secnotif at MICROSOFT.COM
>X-MS-Has-Attach:
>X-MS-TNEF-Correlator:
>Thread-Topic: URGENT MICROSOFT SECURITY ANNOUNCEMENT
>Thread-Index: AcEZJu1aftmUKnZJRH6dqXUqFovTlQ==
>X-OriginalArrivalTime: 30 Jul 2001 18:39:14.0418 (UTC)
>                        FILETIME=[EE843D20:01C11926]
>Date:         Mon, 30 Jul 2001 11:39:12 -0700
>Sender: Microsoft Product Security Notification 
>Service              <MICROSOFT_SECURITY at ANNOUNCE.MICROSOFT.COM>
>From: Microsoft Product Security <secnotif at MICROSOFT.COM>
>Subject:      URGENT MICROSOFT SECURITY ANNOUNCEMENT
>To: MICROSOFT_SECURITY at ANNOUNCE.MICROSOFT.COM
>X-MIME-Autoconverted: from quoted-printable to 8bit by edvac.idirect.com 
>id OAA36279
>
>The following is a Security  Bulletin from the Microsoft Product Security
>Notification Service.
>
>Please do not  reply to this message,  as it was sent  from an unattended
>mailbox.
>                     ********************************
>
>-----BEGIN PGP SIGNED MESSAGE-----
>
>- ----------------------------------------------------------------------
>The Microsoft Security Response Center, along with other
>organizations listed below, is jointly publishing this alert that
>ALL IIS ADMINISTRATORS ARE ASKED TO READ
>
>A Very Real and Present Threat to the Internet:
>July 31 Deadline For Action
>
>Summary:
>
>The Code Red Worm and mutations of the worm pose a
>continued and serious threat to Internet users.  Immediate action
>is required to combat this threat. Users who have deployed
>software that is vulnerable to the worm (Microsoft IIS
>Versions 4.0 and 5.0) must install, if they have not done so
>already, a vital security patch.
>
>How Big Is The Problem?
>
>On July 19, the Code Red worm infected more than 250,000 systems
>in just 9 hours. The worm scans the Internet, identifies
>vulnerable systems, and infects these systems by installing
>itself. Each newly installed worm joins all the others causing
>the rate of scanning to grow rapidly. This uncontrolled growth
>in scanning directly decreases the speed of the Internet and
>can cause sporadic but widespread outages among all types of
>systems. Code Red is likely to start spreading again on
>July 31st, 2001 8:00 PM EDT and has mutated so that it may be
>even more dangerous.  This spread has the potential to disrupt
>business and personal use of the Internet for applications such
>as electronic commerce, email and entertainment.
>
>Who Must Act?
>
>Every organization or person who has Windows NT or Windows 2000
>systems AND the IIS web server software may be vulnerable.
>IIS is installed automatically for many applications. If you
>are not certain, follow the instructions attached to determine
>whether you are running IIS 4.0 or 5.0.  If you are using
>Windows 95, Windows 98, or Windows Me, there is no action that
>you need to take in response to this alert.
>
>What To Do If You Are Vulnerable?
>
>a. To rid your machine of the current worm, reboot your computer.
>b. To protect your system from re-infection:
>Install Microsoft's patch for the Code Red vulnerability problem:
>
>- - Windows NT version 4.0:
>   http://www.microsoft.com/Downloads/Release.asp?ReleaseID=30833
>
>- - Windows 2000 Professional, Server and Advanced Server:
>   http://www.microsoft.com/Downloads/Release.asp?ReleaseID=30800
>
>Step-by-step instructions for these actions are posted at
>http://www.microsoft.com/technet/treeview/default.asp?
>url=/technet/itsolutions/security/topics/codeptch.asp
>
>Microsoft's description of the patch and its installation,
>and the vulnerability it addresses is posted at:
>http://www.microsoft.com/technet/treeview/default.asp?
>url=/technet/security/bulletin/MS01-033.asp
>
>Because of the importance of this threat, this alert is
>being made jointly by:
>
>Microsoft
>The National Infrastructure Protection Center
>Federal Computer Incident Response Center (FedCIRC)
>Information Technology Association of America (ITAA)
>CERT Coordination Center
>SANS Institute
>Internet Security Systems
>Internet Security Alliance
>
>-----BEGIN PGP SIGNATURE-----
>Version: PGP Personal Privacy 6.5.3
>
>iQEVAwUBO2Wpgo0ZSRQxA/UrAQFQeQgAgmva53MJdjGF4u4oFXcAJICgf+1YTd1n
>IJ7XIPPjTFkc5/8Fqe0lbFY7ZeBNAvGGI276RPkebmTz1WAJ08MNe9uvMJAuyULw
>nOU8sMIO7S0Z5Z65/UYow0ui2qLVdmioqf809RAydHPdj1GINU0yDNS1HwwfjZia
>0wBN+GjyjbdMU6bgMadoMdRgvCwdx2Jzr8ExAnFeNtLxRjwct3mv23bCrln1h80I
>4awW0GPPd5iFzLIZX+QVh9/qkPdYm3SD1e8rs8GK69dub1AsVoKdXea+EHb3YckO
>9XfuZdhxy6I+PnZJ8woSSNqtuZ2zKuS+q4kdPt0Abh0ToCbR4jK91A==
>=a2a5
>-----END PGP SIGNATURE-----
>
>    *******************************************************************
>You have received  this e-mail bulletin as a result  of your registration
>to  the   Microsoft  Product  Security  Notification   Service.  You  may
>unsubscribe from this e-mail notification  service at any time by sending
>an  e-mail  to  MICROSOFT_SECURITY-SIGNOFF-REQUEST at ANNOUNCE.MICROSOFT.COM
>The subject line and message body are not used in processing the request,
>and can be anything you like.
>
>To verify the digital signature on this bulletin, please download our PGP
>key at http://www.microsoft.com/technet/security/notify.asp.
>
>For  more  information on  the  Microsoft  Security Notification  Service
>please  visit  http://www.microsoft.com/technet/security/notify.asp.  For
>security-related information  about Microsoft products, please  visit the
>Microsoft Security Advisor web site at http://www.microsoft.com/security.

More information about the thelist mailing list