DFA LOGO

David Fenton Associates

E-mail Message from Microsoft Regarding ILOVEYOU Worm

--------------------------------------------

Training
Software
Support
Opinion
Help Pages
Partners
About DFA

Microsoft has a different version of this statement on their website at http://www.microsoft.com/technet/security/virus/vbslvltr.asp.

Received: from cpmsftsmtpq16 
   (cpmitgmsgd03.newswire.microsoft.com [207.46.134.12]) 
   by ida.bway.net (8.9.3/8.9.3) with ESMTP id QAA25215 
   for ; Mon, 8 May 2000 
   16:07:37 -0400 (EDT)
Received: from cpmsftddsq01 ([10.48.131.25]) by 
   cpmsftsmtpq16 with Microsoft SMTPSVC(5.0.2195.1340); 
   Mon, 8 May 2000 13:08:34 -0700
Reply-To: <3_1448_3EDA39DC-19FF-D211-B420-00805F778512_US@
   Newsletters.Microsoft.com>
From: "Microsoft" 
   <0_1448_3EDA39DC-19FF-D211-B420-00805F778512_US@
   Newsletters.Microsoft.com>
To: <dfenton@magnaconsulting.com>
Subject: Special Edition-Office News Service-Virus Alert
Date: Mon, 8 May 2000 13:08:34 -0700
Message-ID: <8a41401bfb929$30282c00$1983300a@cpmsftddsq01>
MIME-Version: 1.0
Content-Type: text/plain;
   charset="iso-8859-1"
X-Mailer: Microsoft CDO for Windows 2000
Thread-Index: Ab+5KS2MPnoTqTRkShup7FZc7LBsDg==
Content-Class: urn:content-classes:message
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
X-OriginalArrivalTime: 08 May 2000 20:08:34.0529 (UTC) 
   FILETIME=[30544510:01BFB929]
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by 
   ida.bway.net id QAA25215
Status:   

This special edition of the Office News Service is to 
alert you to a new e-mail virus that has the potential to 
affect users running Microsoft Outlook.

To cancel your subscription to this newsletter or stop 
all e-mail newsletters from microsoft.com, read the 
directions at the bottom of this page.

Last week a new virus began circulating through e-mail 
that has the potential to affect a wide range of e-mail 
users including those users running Microsoft Outlook.  
If run, the virus could overwrite .jpg, .mp3 and other 
file types, and attempt to send a copy of itself to 
everyone in the recipient's address book. 

The e-mail containing the virus typically carries a 
subject line of "ILOVEYOU" (although other variants have 
also arisen with the subject lines containing text such 
as Mother's Day, Joke, and Virus Alert).  Inside the mail 
is a short text message saying "Kindly check the attached 
LOVELETTER coming from me" and an attachment named 
LOVE-LETTER-FOR-YOU.txt.vbs.  If you receive this message 
or any of the related messages, it is important to delete 
the message immediately and empty it from your Deleted 
Items folder.  It is important to note that this virus 
cannot run by itself.  In order for it to run, the 
recipient must open the mail, launch the attachment by 
double-clicking on it, and answer "yes" to a dialogue 
that warns of the dangers of running untrusted programs.  
For more information on this virus and all other 
Microsoft security information, please see:
<http://www.Microsoft.com/security>

Below are a series of tips and best practices that can 
help Outlook users increase their security protection to 
avoid being affected by these types of viruses in the 
future.

1) Customers can avoid being affected by this and other 
viruses by following standard best practices:
++ Never run an executable from someone you don't know. 
++ Always have a good-quality virus scanner. 
++ Always keep the virus scanner's signature files up to 
date.

2) Outlook users should install the E-mail Attachment 
Security Update from the Office Update Web site. This 
update increases the security protection provided by 
Outlook for certain types of e-mail attachments.  Once 
installed, this update will change the attachment dialog 
box when certain attachments such as executables are 
opened so that users see more explicit warning language 
and will be required to save the attachment to the file 
system before opening it. This update helps users avoid 
accidentally releasing viruses that hide in .exe files or 
from file extensions they are not familiar with.  It is 
important to note that saving the attachment to the file 
system does not automatically remove any virus that may 
be present.  Before opening the attachment users must 
scan it using an updated anti-virus software program. 
This update also prevents Worm viruses from spreading 
through the Outlook Address Book.  The primary benefit of 
this update is to ensure users are aware of the potential 
security risk of attachments and to decrease the 
potential for viruses to be spread through the Outlook 
Address Book.  This update is also included as part of 
Office 2000 SR-1.

These updates are located at:

Office 2000 Service Release 1- 
<http://officeupdate.microsoft.com/2000/
downloadDetails/O2kSR1DDL.htm>

Outlook 2000 E-mail Attachment Security Update- 
<http://officeupdate.microsoft.com/2000/
downloadDetails/O2Kattch.htm>

Outlook 98 E-mail Attachment Security Update- 
<http://officeupdate.microsoft.com/
downloadDetails/O98attch.htm>

Outlook 97 E-mail Attachment Security Update- 
<http://officeupdate.microsoft.com/
downloadDetails/O97attch.htm>

3) If you use Outlook 2000, use the option to set your 
attachment security setting to High.  When security is 
set to High, users will receive a warning before opening 
an attachment.  To make sure your setting is set to High:
1) On the Tools menu select Options 
2) Select the Security Tab 
3) Click on the Attachment Security button 
4) Select High (if not already selected)

Microsoft and Outlook are either registered trademarks or 
trademarks of Microsoft Corporation in the United States 
and/or other countries.
--------------------------------------------
Home | Training | Software | Support | Opinion | HELP
Partners | About DFA
--------------------------------------------

©2000, David Fenton Associates. Created May 8, 2000. Updated updated July 5, 2000.