Microsoft Says an Unnamed Virus Can, and Probably
Will, Destroy Most Internet Computers–Fiction!
Summary of eRumor:
This email claims to include Microsoft Security Bulletin “MS01-039” and warns that a virus that has not yet been assigned a name has been released on the Internet and has the ability to “destroy data like none seen before.” It also claims that computers with the virus can infect others by being programmed to scan the Internet to find them. It quotes someone as saying that the virus can wipe out most Internet users, and chances are it will.
This is a hoax. No such warning has been issued by Microsoft and, as of this writing, Microsoft Security Bulletin “MS01-039” does not yet exist. The content and style of the eRumor betray it as fiction. For example, viruses do not infect the Internet in nameless form and wait for Microsoft or anyone else to give them an identity. Their names come from words or filenames in or attached to the viruses themselves.
The following is a Security Bulletin from the Microsoft Product Security
Please do not reply to this message, as it was sent from an unattended
Title: Vulnerability in Windows systems allowing an upload of a
Date: 10 July 2001
Software: Windows 2000
Impact: Privilege Elevation
Microsoft encourages customers to review the Security Bulletin at:
Yesterday the internet has seen one of the first of it’s downfalls. A virus (no name assigned yet) has been released.ccOne with the complexity to destroy data like none seen before.
Microsoft Windows 95
Microsoft Windows 95b
Microsoft Windows 98
Microsoft Windows 98/SE
Microsoft Windows NT Enterprise
Microsoft Windows NT Workstation
Microsoft Windows Millenium Edition
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server
Service packs up to Service Pack 6 for Windows NT 3/4 Systems.
Service pack 1 and 2 for windows 2000.
Officials say this virus is unique in many ways. It spreads via new forms,
such as using a new vulnerability in Windows
98 allowing already infected computers to upload (send files) to
non-infected computers, this means that you do not have
to download or visit a site to be infected with the virus. The infected
computers are programmed to scan for computers
running Windows 9x, and Windows 2000 and uploading the virus.
-What the virus does:
The virus itself is a threat to normal users as well as businesses. Cooper
from microsoft said “This virus has the ability
to wipe out most of the internet users and the chances are it will, the
risk is high, patches must be installed to affected
systems.” The virus itself is made for one reason and one reason only, to
reproduce, destroy documents, delete mp3 files,
movie files, infect .exe files, this virus also has a unique feature that
destroys the BIOS (Basic Input Output System),
which means ones that are infected would need to purchase a new
%65 to download the patch named ms_v275657_x86_en.exe. Download and run the
– Jon McDonald (http://www.entrigue.net)
– Russ Cooper (http://www.ntbugtraq.com)
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED
“AS IS” WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL
WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT
MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES
WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL,
OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR
CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY
—–BEGIN PGP SIGNATURE—–
Version: PGP Personal Privacy 6.5.3
—–END PGP SIGNATURE—–
You have received this e-mail bulletin as a result of your registration
to the Microsoft Product Security Notification Service. You may
unsubscribe from this e-mail notification service at any time by sending
an e-mail to MICROSOFT_SECURITY-SIGNOFF-REQUEST@ANNOUNCE.MICROSOFT.COM
The subject line and message body are not used in processing the request,
and can be anything you like.
To verify the digital signature on this bulletin, please download our PGP
key at http://www.microsoft.com/technet/security/notify.asp.
For more information on the Microsoft Security Notification Service
please visit http://www.microsoft.com/technet/security/notify.asp. For
security-related information about Microsoft products, please visit the
Microsoft Security Advisor website at http://www.microsoft.com/security