Common Misconceptions
- The TV station said that home PC users running Windows 95, 98, or ME could not get this worm.
False. Nimda can infect any 32-bit Windows system. That includes Windows 95, 98, NT, 2000, and ME.
- You can contract this virus even without downloading anything from infected sites.
Sort of True. Infected websites offer the virus to unsuspecting visitors. Unpatched versions of Internet Explorer 5.01 and 5.5 will allow the file to be downloaded and run on your system without your knowledge. Patched or newer versions will present you with the file and ask if you want to run it or save it to disk. You should choose "Cancel" if asked.
- If everyone using Microsoft® IIS patched their servers, this problem wouldn't exist.
True, but... At least one of the many patches involved does not support Netscape plug-ins. This alone has caused some administrators not to adopt a particular patch. It is also not just one simple patch, but a series of patches, some of which date back to 1999, that must be installed. Not all of these patches were considered critical updates, and thus they were not as widely adopted as they might have been.
- I use Netscape® Mail, Eudora or some other mail client. I'm protected, right?
False. You can still receive the file in email. If you choose to open it, you will become infected. Likewise, if you visit an infected website you are indeed vulnerable as described above.
- My antivirus software is up-to-date. That's all I need to do.
False. Antivirus software was not able to detect Nimda when it first came out. New variants of Nimda will also likely go undetected until the antivirus update specific to that variant is applied. If you're using software that needs patching, patch it.
Prevention
Using antivirus software and keeping it up-to-date is certainly essential. Even more important, however, systems must be patched. It's also a good idea to run a firewall; ZoneAlarm, an excellent firewall for PCs, is free for personal use. An attachment and active content filtering product such as MailDefense can keep email worms such as Nimda out of your inbox. Panda Antivirus Platinum combines solid antivirus protection with attachment filtering. While security is never passive, these preventive measures should ward off even the most wily of worms.