Kama Sutra Worm Could Make For A Bad Friday

mikey1134 writes "CNN is running a story about the Kama Sutra worm, a virus that is coded to overwrite files of the (potentially thousands of) infected computers. They provide some background on this viral outbreak and warn users to protect themselves" From the article: "And even for home computer users who have never taken such precautions before, security experts say now would be a good time to back up your most important data, like financial information and family photographs, to CDs, DVDs, zip drives, or an external hard drive that you know is worm and virus free. Unlike a lot of malware that exploits vulnerabilities in the Windows operating system, there is no 'patch' that can be downloaded to ward off Kama Sutra."

Write-once backups

[truthsearch]

The best backups are those written to only once. Burn to a write-once only CD or DVD. Don't back up to an external hard disk. As soon as you plug it in anything can happen, either from Windows itself or from malicious software (redundant, I guess).

In the old days we backed up to tape and flipped a switch so the tape couldn't be overwritten. Today it's burn-once disks. Don't trust anything but physical protections from disk writes.

Re:Write-once backups

[charlesnw]

You evidently don't have a lot of data to backup. My nightly backups are almost half a terabyte. If I didn't reuse media, I would have a very hard time getting my budget approved. Media isn't cheap. 100 tapes is $10,000.00. Write once is nice but doesn't work in real life. Unless you have small amounts of data that fit on one TAPE or DVD. And if you have to store your backups (we have to store offsite for 7 years) you would be paying 2 arms and 3 legs in storage and handling fees.

Oh yes, this

[voice_of_all_reason]

This is the virus that MS has a patch from their fancy new Remote System Control program, right? Simply agree to download and blindly run any code they decide to send, let 'em take a peek at what you're running from time to time, and send regular status reports to the nice windows home base -- and then, we'll protect you from the nasty viruses!

And remember, kids... that's a nice computer. Would be a shame if something were to "happen" to it, you know what I mean?

Oh leave off it

[Sycraft-fu]

There's no patch because it's not a vulnerability, it's a virus. The only thing you can patch is the users that still won't follow directions and not open executable attachments. The OS is working as intended when it executes code you ask it to, which is how this virus gets on.

This "OMG MS won't patch t3h systems!!!11" stuff on Slashdot is getting old. No, they won't patch it because there's nothing to patch. Duh. They have decided to add it to the malicious software tool, which is a mini virus scanner akin to Stinger from Mcaffee, which scans for a limited subset of viruses, but that's not a patch. Windows OneCare, which is NOT a remote control system by the way, does find it because, well, it's a virus scanner just like any other. It catches it just like AVG, F-Secure, Norton, and so on, which is to be expected as it's a competitor.

So let's leave off the bullshit ok? There are two easy methods to prevent this from hurting your system:

1) Don't run random programs that some with e-mails. If you use Outlook Express, it'll even tell you not to (twice).

2) Get a virus scanner. Doesn't need to be MS's, there are many good ones out there. I recommend AVG, it's fast and free.