Computer Virus Information
Please Note: The information of this page is NOT intended to cause PANIC.
Rather the intent is to create enough awareness and concern to produce positive solutions!
Most computer viruses spread via
Microsoft Outlook or Outlook Express!
We at Stikkids are building a company by creating cost effective, stable computer systems for our clients. Viruses are our number one determent. In August 2003 the US Army experienced system failures due to virus activities. In September viruses crippled the US State Department. Even Microsoft, the biggest, richest software company in the world has had services fail due to viruses several times during 2003. How then can we at Stikkids seriously suggest that we can help you build a reliable computing system? The answer is very simple. We leave Microsoft's Outlook and Outlook Express OUT of our equations!
What Are Computer Viruses?
Look at the news over the last few years concerning viruses. Almost ALL viruses have been spread with Microsoft Outlook or Outlook Express.
We at Stikkids are currently managing many computer systems which have not been crippled by viruses. How are we accomplishing this? We use virus protection software, and we keep it up to date weekly. We open email attachments ONLY when we know what they are. And... We use email programs that have been proven safe with time.
There is ONE THING about all of this that we are sure. The vast majority of viruses are spread with the Outlook email programs. Even with the best security systems possible, MAJOR organizations using the Outlook email programs are being infected with viruses. If you are using Outlook or Outlook Express to access your email, then we at Stikkids CAN NOT help you keep your computer safe. To show this, let's consider...
Computer viruses are a form of malicious code operating on a computer to cause harm to the computer's system or annoy the computer user. Malicious code can perform a number of harmful acts, depending on the particular virus. On one extreme, the viruses just play some sort of prank on an unsuspecting computer user. On the other extreme, viruses steal information, delete important documents and programs, destroy a computers operating system, and use a computer as a base for an attack on another computer.
How Common are Viruses
When viruses first appeared "in the wild" in the 1980s, they spread slowly and passed via the "sneaker net": floppy disks traded by people and shared between computers. But widely available Internet and e-mail access hastened their spread. The advent of viruses that spread via e-mail significantly increased the odds that the average computer user would confront a virus because they spread so rapidly.
How to Protect Your Computer...
PCWorld.com reports that E-mail viruses today account for about 81 percent of virus infections and can infect thousands of machines in a matter of minutes, causing billions of dollars worth of damage in a short amount of time. Five years ago, the chance you'd receive a virus over a 12-month period was about 1 in 1000. During the year 2000, your chances dropped to less than 1 in 10. September 2003, one in four computer users in the US have lost content on their computer to viruses and hackers according to Iomega.Com.
Thursday, October 9th, 2003, Yahoo News reports viruses have infected at least 80 percent of China's computers, highlighting the vulnerability of one of the world's biggest PC and Internet markets.
If you wish to protect your computer from viruses you will need to install a virus protection program. You will also need to keep this program up to date with the current virus definitions. But this alone will not protect your system.
Microsoft Outlook “Protects” Viruses!
There are programs and “Trojan Horses” that allow viruses to enter and function on your computer UNDETECTED by the Virus protection Programs! Files attached to email messages often fall into this category. In many cases, when you "click" on a file that you have received in an email message, the "file" will disable your virus protection, and then allow a virus to attack your computer.
However, if you are using Microsoft's Outlook or Outlook Express, you do NOT need to "click" anything! Inside these email programs viruses "auto-executes" without your awareness and without detection from the virus protection programs.
Ever since the Melissa Virus in 1999 overwhelmed commercial, government and military computer systems using Microsoft Outlook, hackers have used the vulnerabilities in the Outlook programs to spread their virus!
Therefore, to protect your computer from viruses...
- Run effective anti-virus software. Look for anti-virus software from major vendors like Symantec, or packages that receive good reviews from computer magazines and websites.
- Keep your anti-virus software updated! New viruses are released in the internet every week. Therefore, your anti-virus software will need to be "told" what the new "threats" are.
- ONLY open files attached to e-mail when you are SURE what they are, even if they "appear" to come from someone you know.
- Avoid Microsoft Outlook/Outlook Express. Use email programs that have been PROVEN safe over time.
In order to offer EVERYONE a "first hand experience" to show that the Microsoft Outlook programs actually harbors and “protects” viruses, we request that you do this...
History of Common Viruses
Find a computer on which one of the Outlook Programs is being used to access email, and is also infected with viruses. This will prove easier to accomplish than you may expect!
Next... Remove the viruses, this will likely prove much more difficult to accomplish than you may expect.
Then... Install a virus protection program. Scan the computer's system for viruses with the protecting program. Please insure the protecting program says it has FOUND NO VIRUSES in this system.
OK... are you ready for the shocker???
Now... Install the program Eudora on this computer. Ask the Eudora program to import the email files from the Outlook program. How many Virus Alerts appeared? 25? 100? 700? 1000? 1725?
The reason this happens is... Hackers write viruses to “hide” in the Outlook programs such that virus protection programs can NOT see them in a computer. The viruses that were removed at the beginning of this exercised were "copies" of the original virus that had scattered throughout the computer. The original virus is still safe and sound in the computer, in the Outlook files! When these Outlook files are imported into a different program, the viruses contained in these files are no longer able to remain hidden. We at Stikkids see this EVERY TIME we remove viruses from computers that have been using Outlook or Outlook Express!
1999 - The Melissa virus executes a macro in a document attached to an email, which forwards the document to 50 people in the user's Outlook address book. The virus also infects any Word document and subsequently mails them out as attachments. Melissa spread faster than any previous virus, infecting an estimated 1 million PCs.
What the “Experts” Say...
1999 - The Bubble Boy virus is the first worm that does not depend on the recipient opening an attachment in order for infection to occur. As soon as the user receives the email using Outlook, Bubble Boy goes to work.
2000 - The Love Bug Virus sends itself out via Outlook, much like Melissa, using a Word macro to infect Outlook and spread itself.
2001 - Shortly after the September 11th attacks, the Nimda virus infects hundreds of thousands of computers in the world. The virus is one of the most sophisticated to date with as many as five different methods of replicating and infecting systems. Nimda is the first worm to modify existing web sites to start offering infected files for download. Also it is the first worm to use normal end user machines to scan for vulnerable web sites. This technique enables Nimda to easily reach intranet web sites located behind firewalls. Nimda locates e-mail addresses via MAPI from your e-mail client as well as searching local HTML files for additional addresses. Then it sends one e-mail to each address. These mails contain an attachment called README.EXE, which can be executed automatically from Outlook.
2001 - The “Anna Kournikova” virus, which mails itself to the victim's Microsoft Outlook address book, worries analysts who believe the relatively harmless virus was written with a “tool kit” that would allow even the most inexperienced programmers to create viruses.
2001 - BadTrans.B uses a known exploit, related to the processing of certain unusual MIME types of Outlook Express so as to launch an attachment automatically. BadTrans is designed to capture passwords and credit card information.
2002 - The Klez worm is quickly becoming one of the fastest-spreading worms on the Internet. It is an example of the increasing trend of worms which disables anti-virus programs, overwrites files, and creates numerous copies of itself. The worm doesn't need the victim to open it in order to run. Instead, it takes advantage of a 12-month-old vulnerability in Microsoft Outlook, known as the Automatic Execution of Embedded MIME Type bug, to open itself automatically!
January 2003 - The “Slammer” (Sapphire) worm becomes the fastest spreading worm to date, infecting 75,000 computers in approximately ten minutes, doubling its numbers every 8.5 seconds in its first minute of infection. The Cleveland Clinic Health Service systems were hit badly. Many Banks had their cash machine systems infected, Microsoft themselves were also hit. The Slammer worm exploits security holes and bad programming in Microsoft Windows products. A patch to correct the faults in the Microsoft products was made avilable quickly, but there were problems with downloading and installation, and not even Microsoft was able to apply the patch in time. The biggest problem with these quick patches is that they often cause new problems in the software itself. If sys admins for the biggest, richest software company in the world can't keep up to date on patches, what about the rest of us?
Thursday, June 05, 2003 - The BugBear.B Virus contains routines that specifically affect financial institutions. This functionality will cause the worm to send sensitive data to one of 10 hard-coded, public Internet e-mail addresses. The sent information includes cached passwords and key-logging data allowing hackers to access and remove funds from both personal and corporate bank accounts world wide! (Note: The worm uses the Incorrect MIME Header vulnerability which allows the worm to auto-execute if it has been received in Microsoft Outlook)
Monday, August 11, 2003 - MS Blaster travels over the Internet by connecting to vulnerable computers and infecting them. The infected computers then start searching for other vulnerable computers on the Internet and infects those computers. A flaw in Windows Update, Microsoft's online tool that lets customers update their operating system with patches and fixes, enabled the MSBlast worm to infect computers that apeared to have already been patched. The flaw led to a US Army server, among others, falling victim to MSBlast, according to Russ Cooper, chief scientist at security company TruSecure.
Friday, August 22, 2003 - The SoBig.F computer virus overwhelmes hundreds of thousands of computers worldwide. The worm has caused an estimated $50 million of damage in the United States alone. The worm spread using the address books of those who used Outlook or Outlook Express.
Sunday, September 14, 2003 - The Swen Worm Infects Over 1.5 Million Computers. The Swen mass-mailing Windows worm moves to the top of the virus charts a day after it first appeared. It even maintains its own counter that supposedly monitors how many PCs have been infected. Antivirus companies warned that the worm, variously known as I-Worm.Swen, W32/Swen.A@mm or W32/Gibe@MM.e, had the potential to spread quickly because it is well-disguised as a security update from Microsoft. It takes advantage of a two-year-old Internet Explorer flaw that allows it to execute directly from an email message without the help of the user. "People are absolutely seeing this pop up in their mailboxes today," Symantec senior director of Security Response Vincent Weafer told TechNewsWorld. "For the person who has got it, it's a painful cleanup process."
Wednesday, September 24, 2003 - The Welchia Virus crippled the United State's State Department systems ability to check visa applicant for terrorist or criminal history, leaving the U.S. government unable to issue visas for roughly nine hours. Welchia is an aggressive infection that exploits a software flaw in recent versions of Microsoft Windows.
Thursday morning, October 9th, 2003 - Symantec Security Response, one of the most trusted companies dealing with computer viruses, lists 28 COMPLETELY NEW VIRUSES released on the Internet during the first eight days of this month, October 2003!
DOUG BEDELL - Staff writer for Personal Technology, The Dallas Morning News.
Microsoft's Outlook and Outlook Express e-mail programs have a lot going for them. They come with Microsoft Office or bundled with your operating system. They're familiar and comfortable to workers who toil on corporate networks. Generally, they perform tasks with dexterity. Unfortunately, they also are a security nightmare. Like the recent Sobig.f worm, most computer viruses and worms invade home computers through e-mail tricks designed to attack the world's two most popular e-mail programs. It is hard enough to keep Windows patches up to date, and plugging holes in Outlook every few weeks is a hassle. For that reason, some users might consider a switch. More than 90 e-mail programs are available at Download.com. (This story appeared in the The Florida Times-Union in the beginning of September 2003)
Harvard University Faculty of Arts and Sciences, Computer Services
Avoid Microsoft Outlook/Outlook Express. Almost all modern viruses spread via Microsoft Outlook or Outlook Express. Because these e-mail clients are so closely linked to Windows and Internet Explorer, a virus targeting these programs can quickly and easily affect many areas of your system. Other e-mail programs are much safer. Webmail and Eudora are much safer than Outlook. FAS Computer Services explicitly recommends users do not use Outlook or Outlook Express.
John Gruber - Daring Fireball
Microsoft’s Outlook has been exploited by virus authors so frequently and so effectively that I dare anyone to dispute that it’s the worst email client ever, anywhere. The worst. But yet it is also the most popular.
Jim Roepcke - WebObjects developer, Roepcke Computing Solutions
IMHO, any technology-savvy person who has been paying attention to current events for the last few years, but continues to use Outlook Express for their email client, deserves to get hundreds of viruses in their mailbox every day.... This afternoon I was sitting in a waiting room while the dealer changed my truck's oil. CNN was on the television. They reported on a virus... but they referred to it only as an "email virus." They didn't mention that this "email virus" is really an "Outlook virus" because it only affects Outlook users. They didn't mention that there are alternatives to Outlook.