turn.off.vbs.txt

Posted May 10, 2000
Authored by Adam Cary

The Loveletter virus, Melissa, and other Windows viruses that spread the same way can be defeated by disabling execution of Windows scripts by the Windows Scripting Host (WSH) feature. Contains detailed instructions on doing so under Windows 95, 98, 2000, and NT.

tags | virus
systems | windows, 9x
MD5 | d0506f0c243549cb6d9f18913ed4761b

Hello,

The recent email-spread computer viruses were shockingly preventable. A security hole in a feature in Windows allowed the viruses to propagate. It was not an unknown hole that some clever hacker discovered accidentally a few days ago. This security hole had its first MAJOR introduction some time back with the Melissa virus. There is no excuse good enough to explain why Microsoft and the rest of the world didn't shore up this hole properly a very long time ago. The solution for stopping viruses like these is very simple and but a few clicks away. This letter will tell briefly how the recent viruses like Melissa, ILOVEYOU and others spread through email and how to SIMPLY fix your computer so you do not have to ever be affected by THESE TYPES of viruses again regardless if you have antivirus software or not.

This is not a listing of the changes that these viruses make to the victim's computer; that type of information can be read at: http://www.zdnet.com/zdnn/special/lovebites.html . Read about the virus!

Read the advanced details of this virus (tells about all the files that the virus changes, registry and all) and prevention here:
http://www.cert.org/advisories/CA-2000-04.html

Download patches for Outlook here, or read on:
http://www.microsoft.com/technet/security/virus/vbslvltr.asp

How do these recent viruses (Melissa, ILOVEYOU, etc.) spread? In order for any virus to spread and cause trouble it must execute, or run. Just like when you start up your web browser or email program, these viruses are just programs with the exception that they do bad things.

How do the viruses like ILOVEYOU or Melissa execute? They are a special type of program that exploits a "feature" in Windows called Windows Scripting Host (WSH). It is not evil, it is a potential good thing but people are evil and like to exploit weaknesses in software for amusement. How can you protect yourself against being infected with these types of viruses? Yes, updating your antivirus definitions is very helpful, but the viruses are spread due to the weakness with WSH and virus definitions can't keep up fast enough with these viruses. In order to be protected from a virus the antivirus program HAS TO KNOW the virus exists before they can develop protection from it. ILOVEYOU and all its newer manifestations happen so fast antivirus companies can't keep up with them. Even if you have just protected yourself by updating your antivirus definitions 10 minutes ago, you have just protected yourself with what exists now and are susceptible to what will come over the hill in 5 minutes. Why not protect yourself from all viruses of this type? The best choice is to take the fuel away from the virus writers; the feature must be disabled. Most Windows users are susceptible to this weakness (90%).

The ILOVEYOU virus, like the Melissa virus, spread in the same way. They exploit the same weaknesses. They execute the same way. If you want to completely stop viruses OF THIS TYPE from infecting your computer or your office network, disable this feature now. If the program cannot be executed, then the virus cannot be spread. The recent explosions of viruses of this type could have ALL BEEN STOPPED if this feature was disabled. This will not stop all viruses, just the type listed above.

And another thing, only a few of all Windows users ever use this feature. There can be no detriment to disabling it. No programs will crash, your computer will not have to be repaired in the future. If by some fluke you do use this type of scripting in your work and need it, you can just re-enable it. If you use Windows 95 or Windows NT 4, you ARE NOT susceptible to this virus UNLESS you are using Internet Explorer 5.0 or greater. Below are the directions as to how you can disable this feature for Windows 98, Windows 2000, Windows NT 4, and Windows 95.

In Windows 98 or Windows 2000 (Win2000 directions should be the same as listed below, ad lib if needed):

1) Click your Start button
2) Click on Settings
3) Click Control Panel
4) Double-click Add/Remove Programs
5) Click the Windows Setup tab
6) Select Accessories, then click the Details button
7) The second to last item on that list is the Windows Scripting Host. Uncheck that option.
8) Click Ok, then Ok at the next window. You may want to restart your computer, I don't recall if that is necessary to activate the changes. I'd just do it to be safe.


(Windows 95, NT 4) Remove the VBS File Type

1) Double-click "My Computer" on your desktop
2) On the Top Menu, select View -> Folder Options or View -> Options, depending on what software you have installed.
3) Click the File Types tab. A list of registered File Types will appear.
4) Scroll down (list is alphabetical) and locate "VB Script Script File"
5) Highlight it and click "Remove" (or "Delete"). Answer "Yes" to the confirmation box.
6) If "VB Script Encoded File", extension "VBE" is also in the list, remove it as well.
7) Click "Close" or "OK", "OK".

This last fix for Win95 seems to work on my computer.

Notes:
If you need to use VBS (same as WSH) and only want to disable rather than remove automatic scripting, you could try changing the automatic function to "Edit" rather than "Run", but only do this if you know what you are doing. Advice on fine-tuning is beyond the scope of this document.
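A check for the two association changes described above (removing the file type, or making "Edit" the default action), as an added example that is not part of the original letter: it parses a REGEDIT4 export of HKEY_CLASSES_ROOT and reports what a double-click on a .vbs or .vbe file would do. The export text, function names and result labels are constructed for illustration.

```python
import re

# Constructed REGEDIT4 export (illustrative, not from the original letter):
# .vbs still opens in WScript.exe, .vbe has "Edit" as its default action.
SAMPLE_EXPORT = r'''REGEDIT4

[HKEY_CLASSES_ROOT\.vbs]
@="VBSFile"

[HKEY_CLASSES_ROOT\VBSFile\Shell\Open\Command]
@="C:\\WINDOWS\\WScript.exe \"%1\" %*"

[HKEY_CLASSES_ROOT\.vbe]
@="VBEFile"

[HKEY_CLASSES_ROOT\VBEFile\Shell]
@="Edit"

[HKEY_CLASSES_ROOT\VBEFile\Shell\Open\Command]
@="C:\\WINDOWS\\WScript.exe \"%1\" %*"

[HKEY_CLASSES_ROOT\VBEFile\Shell\Edit\Command]
@="C:\\WINDOWS\\Notepad.exe %1"
'''

def default_values(export):
    """Map lower-cased key path -> default (@) string value of a .reg export."""
    values, key = {}, None
    for line in (raw.strip() for raw in export.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
        elif key and line.startswith('@="') and line.endswith('"'):
            values[key] = re.sub(r"\\(.)", r"\1", line[3:-1])  # undo \\ and \"
    return values

def double_click_action(values, ext):
    """Classify what double-clicking a file with extension *ext* does."""
    root = "hkey_classes_root\\"
    progid = values.get(root + ext.lower())
    if not progid:
        return "removed"  # file type deleted, as in the Windows 95 / NT 4 steps
    shell = root + progid.lower() + "\\shell"
    # The default verb is the Shell key's default value; "open" when unset.
    # Simplification: a verb with no command is reported as not executed.
    verb = (values.get(shell) or "open").lower()
    command = (values.get(f"{shell}\\{verb}\\command") or "").lower()
    if re.search(r"\b[wc]script(\.exe)?\b", command):
        return "runs"  # double-click hands the script to the scripting host
    return "not-executed"
```

It checks only the double-click path; a script passed explicitly to WScript.exe or CScript.exe still runs as long as the host is installed.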

**(The directions on disabling Win95, etc. come from a Usenet article titled 'OT: A Very Simple Fix For The "Love Bug" and All The Copy Cat Variations' in the "uk.rec.fishing.coarse" newsgroup on 05/06/00 found at: http://x38.deja.com/getdoc.xp?AN=620000205&CONTEXT=957731830.1606418452&hitnum=7 , I hope the link will remain intact.)**

Now it is not possible to get viruses LIKE THIS ever again. Now you just have to deal with traditional viruses.

The 10 billion+ dollars lost from this virus was a waste. This bug even affected the NSA! If the solution is so obvious, why are so many being affected? If I, a mere college student, can solve this problem, why can't the rest of the world do anything about it? All that will come of this will be unnecessary laws passed and restrictions placed by people who don't know any better. We consumers need to start demanding more out of our products and telling software vendors to fix holes like WSH. I don't mean to pick on Microsoft too much, but more prolific viruses are spread through these avenues than traditional means anymore. I don't believe the solution is more (prospective) laws, it's better programming and more consumers holding vendors accountable for their products' weaknesses. Will anyone pay me to spearhead this initiative? I'll take 1% of that 10 billion... Spread this email around.


Good day,
Adam Cary.
mr_linux@hotmail.com
