Saturday, January 24, 2009

INTERNET: You've Heard About the Worm

By now, I've had three phone calls and one email about Cornficker. The latest version of this pain in the posterior is circulating and it seems to be growing at about a million PCs a day. The solution is to keep your windows updates up to date. Microsoft actually solved this one back in November. Also, run Firefox, rather than Internet Explorer and run the NoScript attachment in Firefox and never, ever, let NoScript allow Global access to scripts. Do it on a case-by-case basis. You'll know what to let in and what not to let in.

IF you want to do some reading on the subject, I was pointed to Woody Leonhard's blog on this problem at Windows Secrets. It explains (in somewhat techy speak, but with lots of pictures), exactly what this thing does. It also points to the MS site to get the patch if FOR SOME INCREDIBLY STUPID REASON you don't have the patch installed. And it also points to Scott Dunn's article on how to turn off the Auto-Run process for newly entered CD/DVDs and inserted thumbdrives. I have to tell you, Auto-Run is something that should be turned off. I hate it. And now, I have the justification for my hate. Read and decide on your own.

Lastly, Microsoft DOES have a solution to make IE running a little safer. Not enough for me, but I hate having to do recovery work, this last week being no exception. Michael Horowitz did a series of articles on explaing DropMyRights, starting with this link at C|Net. It's written for the layman and it's easy to use to put a safety net between you and the security black hole that IE is. It will even work for other internet-accessing applications. You should REALLY think about installing DropMyRights if you run IE.

No comments: