ZIP-files transporting Blaster.exe? Thread poster: Mats Wiman
| Mats Wiman Sweden Local time: 16:18 Member (2000) German to Swedish + ... In memoriam
Dear all, I heard this from a colleague today: He had been told by Microsoft Sweden and the supplier of his new computer that there is only one way of staying uncontaminated by this worm is: DO NOT ACCEPT AND OPEN ZIP FILES Reason: Antivirus programs cannot detect the worm wrapped inside a Zip file and therefore the rascal that created this virus chose exactly to make the worm creep into Zipfiles. Now: Is there any truth in this?... See more Dear all, I heard this from a colleague today: He had been told by Microsoft Sweden and the supplier of his new computer that there is only one way of staying uncontaminated by this worm is: DO NOT ACCEPT AND OPEN ZIP FILES Reason: Antivirus programs cannot detect the worm wrapped inside a Zip file and therefore the rascal that created this virus chose exactly to make the worm creep into Zipfiles. Now: Is there any truth in this? Please ask your experts and tell us all because refusing to use Zip files would certainly change our working day. (I am 'clean' but several programs of mine has been damaged. I hope this message does not constitute a risk for ProZ.com) BR Mats J C Wiman Übersetzer/Translator/Traducteur/Traductor > swe http://www.MatsWiman.com http://www.Deutsch-Schwedisch.com http://www.proz.com/translator/1749 (ProZ.com deu>swe & forum moderator) eMail : [email protected] Street: Träsk 201 Post : S-872 97 Skog Tel : +46-612-54112 Fax : +46-612-54181 Mobile: +46-70-5769797 ▲ Collapse | | | gianfranco Brazil Local time: 12:18 Member (2001) English to Italian + ... zip files are checked by the antivirus utilities | Aug 14, 2003 |
Mats, I think the rumours that you mention are inaccurate. Several types of files (executable, Word, Excel, etc...) contained in a zip file can host a virus and all decent antivirus utilities will check their content. The check happens when the zip file is opened and the content extracted, the files are moved into a temporary folder and there the antivirus checks them. In other words, opening a zip file is one of many normal ways of accepting files, not differen... See more Mats, I think the rumours that you mention are inaccurate. Several types of files (executable, Word, Excel, etc...) contained in a zip file can host a virus and all decent antivirus utilities will check their content. The check happens when the zip file is opened and the content extracted, the files are moved into a temporary folder and there the antivirus checks them. In other words, opening a zip file is one of many normal ways of accepting files, not different (from the system point of view) and not more dangerous than copying from other media or downloading from the Internet. Moreover, not accepting and not opening any zip file would amount to halt our work, as they are essential in many exchanges, so the advice to not accept zip files is not very practical. I would rather say: buy, install and keep updated a good antivirus software Gianfranco PS: posting on the forum is not dangerous for the site, that's sure...
[Edited at 2003-08-15 08:02] ▲ Collapse | | | achisholm United Kingdom Local time: 15:18 Italian to English + ... good common sense.. | Aug 14, 2003 |
.. is not to open email attachments from anyone you don't know or of a type you do not normally receive. Good common sense is always the best security policy. | | | Mats Wiman Sweden Local time: 16:18 Member (2000) German to Swedish + ... TOPIC STARTER In memoriam Thanks Gianfranco! | Aug 15, 2003 |
Your expertise carries weight with me. I sincerely hope you're right. No ZIPs would border on disaster for us so what you say is very enouraging. BR Mats | |
|
|
Ralf Lemster Germany Local time: 16:18 English to German + ... W32.Blaster is different | Aug 15, 2003 |
.. is not to open email attachments from anyone you don't know or of a type you do not normally receive. Good common sense is always the best security policy. I agree in principle, but this policy wouldn't have helped with the latest worm, since Blaster is not transmitted via an email attachment (which is why the ZIP archive issue is irrelevant here), but attacks directly via an open Internet connection. Good luck, Ralf | | | Mats Wiman Sweden Local time: 16:18 Member (2000) German to Swedish + ... TOPIC STARTER In memoriam Conventional wisdom sometimes isn't final | Aug 16, 2003 |
Dear all, My colleague riposted that your answers are well known as conventional wisdom in this field. The NEW CHARACTERISTIC of theis worm is that it does not concur. My question was a trifle unprecise: I did not ask for what you already know, I hoped that you would ask your suppliers and/or Microsoft about the truth "Do not open ZIP files!!" TIA Mats | | | Suzanne Blangsted (X) Local time: 08:18 Danish to English + ...
Blaster enters through open ports on your computer (port 135 I believe). To close ports and prevent intrusion into your system, you need a firewall. I use ZoneAlarm Pro. This fire wall does NOT allow anything to go through that I don't want. This fire wall can be personalized, and the "stuff" you want to get through the firewall is checked before entering into your computer, Zip files included. Of course, I also have a program for virus protection, especially for e-mails. | | | Mats Wiman Sweden Local time: 16:18 Member (2000) German to Swedish + ... TOPIC STARTER In memoriam Warning! The novelty is the stowaway characteristic | Aug 16, 2003 |
Sorry to disturb but my colleague made the following test: 1. From his infected Computer 1 he sent a file he new was infected to his cleansed reformatted computer No 2 Result:Caught by his antivirus program (AVG) 2. He then sent the whole folder containing the infected file. Result:Caught by his antivirus program. 3. He the zipped the folder and sent it. Result: His antivirus program did not say anything! This is exactly what Dell and Micros... See more Sorry to disturb but my colleague made the following test: 1. From his infected Computer 1 he sent a file he new was infected to his cleansed reformatted computer No 2 Result:Caught by his antivirus program (AVG) 2. He then sent the whole folder containing the infected file. Result:Caught by his antivirus program. 3. He the zipped the folder and sent it. Result: His antivirus program did not say anything! This is exactly what Dell and Microsoft had told him ! ! So please: Check with Dell, Microsoft and others who might know more than you - for the benefit of us all. Mats ▲ Collapse | |
|
|
Klaus Herrmann Germany Local time: 16:18 Member (2002) English to German + ... Get a better antivirus program then. | Aug 17, 2003 |
Mats Wiman wrote: 3. He the zipped the folder and sent it. Result: His antivirus program did not say anything! This is exactly what Dell and Microsoft had told him ! ! I don't think anyone would claim that a ZIP file can't contain a virus. It's obvious that a ZIP file can *contain* a virus, but as with email attachments, the virus has to be activated. IOW if you scan the files after you unzipped the archives, the antivirus program ought to detect the virus. No harm done unless you'd be starting an self-executing archive. A self-executing archive is a program and it's obvious that a program needs to be scanned before launching it. As for scanning ZIP files, all I can say is that my antivirus program is able to scan the files contained in a ZIP file as well. No need to bother Microsoft with that. Obviously the program your friend uses isn't able to scan into ZIPs or it isn't setup properly. The "Scan files in ZIP files" option can disabled in the setup of the AVG I am using. | | | Mats Wiman Sweden Local time: 16:18 Member (2000) German to Swedish + ... TOPIC STARTER In memoriam Blast.exe is NEW and DIFFERENT | Aug 17, 2003 |
Klaus Herrmann wrote: IOW if you scan the files after you unzipped the archives, the antivirus program ought to detect the virus. Provided the worm is in the files As for scanning ZIP files, all I can say is that my antivirus program is able to scan the files contained in a ZIP file as well. No need to bother Microsoft with that. Obviously the program your friend uses isn\'t able to scan into ZIPs or it isn\'t setup properly. The \"Scan files in ZIP files\" option can disabled in the setup of the AVG I am using.
His is too, but does not detect this worm Read what DELL and MICROSOFT said under the new thread: http://www.proz.com/topic/13380 whereto the discussion has been moved. | | | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » ZIP-files transporting Blaster.exe? TM-Town | Manage your TMs and Terms ... and boost your translation business
Are you ready for something fresh in the industry? TM-Town is a unique new site for you -- the freelance translator -- to store, manage and share translation memories (TMs) and glossaries...and potentially meet new clients on the basis of your prior work.
More info » |
| Trados Studio 2022 Freelance | The leading translation software used by over 270,000 translators.
Designed with your feedback in mind, Trados Studio 2022 delivers an unrivalled, powerful desktop
and cloud solution, empowering you to work in the most efficient and cost-effective way.
More info » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |