I have been having heated conversations with the local MS support line about
this one. The IE hole (which is the hole exploited when the worm runs by
Outlook or IE) has a patch that is available on the MS website, but demands
IE 5.5 sp1 or greater to install. To install sp1 you need to download IE and
the service pack (you can't download just sp) from the website. Inside
Australia there it is not available on CD. Basically inside a network you
must download it for each machine. At the moment every machine has js
disabled until we can patch IE. Not happy.
Breakdown of the worm available at:
From: Walter Burrough [mailto:wburrough67@y...]
Sent: Wednesday, 19 September 2001 6:40 PM
To: Code Clinic
Subject: [proasp_codeclinic] Re: nimda worm
Yep, it's nasty. I caught it while browsing a website
yesterday. My PC is a mess. Symantic only released
definitions for it yesterday and I hadn't downloaded
them so it happily whistled past my virus scanner.
I thought I'd covered myself pretty well. Bad day.