*this post is outdated for solutions – return to blog home page and see most recent post

By now you may know the story of the week old Windows flaw that has so far mutated and distorted into over 60 different variations of trouble for you. This is not “a virus” or “some spyware” and you are NOT protected against it no matter what Antivirus or Firewall software you have, or the status of your Windows Updates.
Your hardware firewall MAY protect you, but why risk it?

In a nutshell -

This Windows security flaw affects Windows 98, ME, 2000, and all versions of XP kicks open the front door of your computer and then announces to the world “here I am, come get me! .

Then the bad guys run malware, spyware, spam servers, porn distributions, or anything else they want over your computer, and in most cases, it is NOT fixable by your IT department without a format and reinstallation of Windows.

This is the single worst thing I’ve ever seen, and I can’t believe it’s not on the TV news by now. Please do not take this lightly.

If you want a more technical explanation – read this but I’m telling you how to fix it right here, right now in about 90 seconds.

First, try this link to an unofficial patch from an individual overseas. While Microsoft has not got a fix, this guy has a solution here

If that account is still suspended (as it has been all day, due to millions of people trying to access it) then read this post on my blog and ACT IMMEDIATELY.

Do this on every one of your computers right away, or you may be very sorry.

update 1:45 pm Jan 3, 2005 –
the site below is down, and has been all day since everyone in the world linked to it!

Use the solution from New Years Eve if it’s not up when you try it…

Since my previous post, Ilfak Guilfanov has a better option for fixing this dangerous flaw.

Hex blog: Silent WMF Hotfix Installer

http://www.hexblog.com/cgi-bin/mt/mt-tb.cgi/19

Also, my friend and colleague Steve Shank has written a great article explaining what’s going on, and he’s posted it here on the Oregon Computer Consultants Association website…

I got an email today from one of my old computer repair customers in Portland that told me I was sending out viruses, and wondering how I could be so careless.

I know darn well I’m innocent, but trying to explain that to people can be a pain in the neck. Now, when someone tells you that you sent them a virus or a phishing scam, you can just send them a link to this blog post.

Basixcally, what’s happening is that spammers are using anydomainname.com to send out their mail messages. when someone goes to reply, it looks to the user like it came from you.

 

However, if they were to view the headers of the email, they would see that is really came from elsewhere.

For a more technical explanation of “spoofing” read this, but you can likely take comfort in knowing that you’re not sending out spam. Unless of course, there’s spyware on your computer?

 

I got an email this morning telling me that Winpatrol was not helping with their Spam, and they were still getting a lot. I explained that Winpatrol is not for spam, but did refer them to Spam Arrest. Spam Arrest will stop 100% of your spam, guaranteed, for up to 5 email addresses, and they’ll even give you a 30 day free trial!