nimba virus

[keanon]

if you run any windows based PC,
hit www.microsoft.com/security to get up to speed,
then update your virus definitions.
this thing is nasty...spreads 5 different ways.
infected IIS servers automatically send users a redame.exe file that executes transparently on IE 5.0 and 6.0 beta.
it also spreads through email and through non-password protected 9.x shares and "everyone" access nt/2000 shares.
NAI is the only company with definitions to protect from, it thus far.

 

[Rainsford]

When we will people stop running unpatched IIS servers? Never maybe? If you don't know enough to patch your server, you shouldn't be running it. It's that simple.

 

[corkyg]

The virus is very high risk ... not nimba, but nimda (admin spelled backwards). It can attack 98, ME, and 2K ... not necessarily just servers.

Method of infection can be an executable, even in html format, but also from visiting a contaminated web site. Check your favorite AV library and you will find a great sense of urgency. This one is serious, and not one to be pooh-poohed with procedural lectures.

 

[John]

There are a few threads in Off Topic discussing this virus.