| Information on the WScript/Kak.worm Virus A virus, known as the WScript/kak.worm virus, is circulating on the Internet. There is a great deal of hype surrounding it, because it exploits a security vulnerability in IE. However, a patch to eliminate the vulnerability has been available since August 1999, and all major virus scanners will detect and remove the virus. The current variants of the virus only propagate -- they do not carry a destructive payload. www.tartoos.com The virus works by exploiting the "Typelib.scriptlet/Eyedog" vulnerability. This vulnerability makes it possible for malicious web sites, HTML mails, or programs to use an ActiveX control to make changes to a user's system without his permission. The virus uses this vulnerability to infect the computer and ensure that copies of itself will be sent with future outgoing mails. www.tartoos.com A patch to eliminate this vulnerability has been available since August 1999, and customers who have applied it cannot be affected by the virus. More information on the vulnerability, including information on where to obtain the patch, is available at http://www.microsoft.com/technet/security/bulletin/ms99-032.mspx. Irrespective of whether the patch has been applied, most major virus scanners will detect and remove this virus. That is, customers who have either applied the patch or are using a good-quality virus scanner are not at risk from this virus. Just the same, Microsoft recommends that even if you have applied the patch, you should still use a good-quality virus scanner and keep its signature files up to date. Applying the patch will protect against this particular virus; having a good-quality virus scanner will protect against this virus and thousands of others. More information is available on the Kak.worm virus at the following web sites: www.tartoos.com * Computer Associates * F-Secure * Symantec |