
January 8, 2002

Microsoft UPnP Buffer Overflow and DoS Vulnerabilities Advisory
Multiple vulnerabilities in the Universal Plug and Play (UPnP) service have recently been discovered in Microsoft Windows XP and ME and in Microsoft Windows 98 and 98SE running the XP Internet Connection Sharing Client. Additional vulnerabilities can result in either a Denial of Service (DoS) against the targeted system or a possible Distributed Denial of Service (DDoS) attack against a network. Both CERT Coordination Center (Carnegie Mellon) and NIPC (National Infrastructure Protection Center) recommend immediately downloading and installing the appropriate patch for each affected operating system:
Top 10 Virus Threats
The National Infrastructure Protection Center (NIPC) recently released its list of the Top 10 Virus Threats for 2001. Several of these virus threats (Goner, Nimda, Sircam) remain among the most widespread risks infecting computer systems today. To limit the possibility of infection, readers are reminded to update their anti-virus software on a regular basis.
Assessing Your Information Security Readiness
Can you answer these three important questions?
1. Will our information security program pass regulatory scrutiny and satisfy the examiners?
2. Will the program actually protect our customer information? Is it workable? Is it properly implemented? What safeguards do we have in place to guard against deviations from it? Are our people properly trained and monitored?
3. Is it good enough? If you have an information security breach that results in litigation against your institution, will the plaintiff's attorneys make mincemeat out of you? Did you do your research? When you assessed the likelihood of various types of threats, were you thorough enough? Did you utilize outside expertise where necessary?
Additional resources on Information Security are available from the BOL InfoSec Clearinghouse
Top 5 NEW YEAR'S Technology Resolutions at your Institution
- Require users to routinely install anti-virus signature updates and apply them to all files.
- NEVER open unsolicited e-mail attachments without verifying their source.
- Install security patches, especially for Microsoft Office, Microsoft Internet Explorer, and Netscape.
- Back up critical files and test backups.
- Educate all users to recognize potential security breaches.
Previous Tech Alerts:
12/20/01 Holiday Themed Computer Virus Unleashed