Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Worm Chats with Users on AIM

Posted by CowboyNeal on Wednesday December 7, 2005 @02:32AM from the talking-it-up dept.

goldseries writes "CNet is reporting that a new IM worm chats with users to get them to down load a file containing a virus. The virus replicates its self and sends its self out to user's buddy lists. The virus will reply 'lol no this is not a virus.' The virus hides users from seeing the messages sent out to members of their buddy list. Viruses are evolving; now they will even talk to you."

3 of 577 comments (clear)

Min score:

Reason:

Sort:

Re:lol no this is not a virus by prionic6 · 2005-12-07 02:50 · Score: 5, Informative

This will come in to you from another AIM-user you KNOW and who is infected. Not some stranger.
Note by Sheepdot · 2005-12-07 03:31 · Score: 5, Informative

Note: The slashdot article says 'lol no this is not a virus.' The CNET article says "lol no its not its a virus".
Uhh... Windows DOES have the Execute "bit" by AKosygin · 2005-12-07 04:52 · Score: 5, Informative

On NTFS formatted filesystems, you can use the ACL to default set it so that all files saved will not have the "Execute File" permission. You just deselect "Allow" for the line that says "Traverse Folder / Execute File" for the "CREATOR OWNER" entry and "Apply onto" "Files Only" for the scope and allow propagation down.

Or, you can go into your Group Policy Object (Local Computer or Domain) and by default in your Software Restrictions Policy disallow execution unless they were in areas of the file system you designate, I.E.: "Program Files" folder. And if I remember correctly, saved files from current versions of IM programs are saved in "My Documents" outside of the "Program Files" folder by default.