Computer Knowledge Newsletter – September 1998 Issue

In This Issue:

Virus News

Strange Brew Java Virus. InfoWorld reports the development of the first Java virus: Strange Brew. Developed as a demonstration project, the virus does not appear as though it will be a problem for end-users; only for those developing in the Java language. Even then, the virus does not appear to be a significant problem, except that it shows some weaknesses in Java, a development language touted for its security features.

The virus attaches itself to Java “class” files and, in theory, could therefore work on Windows, Macintosh, UNIX, and other computers that run Java applications. It infects both standalone Java applications and Java applets (helper programs often attached to web pages). While it can spread when standalone Java applications are run, a properly-configured web browser will abort an infected applet due to security constraints built into the browser. This is largely why this virus is a minor risk to end users.

For detailed information see the Symantec web site: Link

Virus Infections Increasing. A recent study of 300 companies is reported to have shown that the rate of virus infection increased some 48% over a one-year period despite the fact that the companies regularly used anti-virus software. The problem? While AV software was installed it was not kept up to date regularly.

If you look back over the past newsletters, you’ll note a pattern of reminders that you should keep your anti-virus software up to date. Perhaps now it’ll be clear why!

On average, the survey showed more than 86 viruses per 1,000 computers with disks brought from home as being the most popular vector. (Computer Knowledge strongly recommends that any company AV contract allow installation on both company and home computers.) Second most common vector was the E-mail attachment. Macro viruses were the most common virus type.

So, again, keep your anti-virus software updated!

General Security

IE Cross Frame Navigate Vulnerability. Microsoft has issued a security announcement regarding a new vulnerability in IE 4.0, 4.01 and 4.01 SP1 on Windows NT 4.0/3.51, Windows 95/98, Macintosh and IE 3.x. The vulnerability could allow a malicious webmaster to read the contents of files on your computer. Worse, the vulnerability could also affect software from other companies that uses IE files to provide HTML functions. So, even if you don’t use Internet Explorer as your primary browser you could be at some risk and should download the security patch Microsoft has provided. For more information see: Link

and, for the security patch itself see:

IE4: Link

Win98: Launch Windows Update from the Windows Start Menu and click “Product Updates.” When prompted, select ‘Yes’ to allow Windows Update to determine whether this patch and other updates are needed by your computer. If your computer does need this patch, you will find it listed under the “Critical Updates” section of the page.

I3: Upgrade to IE4 and then apply the patch.

How Hackers Break In. If you get near a bookstore, library or magazine rack that carries Scientific American you may want to take a look at the October 1998 issue, starting on page 95. They have a series of articles covering hacking, computer security in general, and cryptography. While covering a technical topic, the articles are well written and in the classic Scientific American style (understandable by most with a good general education). Worth spending a couple of hours in a library if you don’t want to spend the $4.95 cover price (they have some articles on their web site ( Link) but, unfortunately, this series was not there).

Windows Shared Files. A security problem existing in prior versions of Windows continues to exist in Windows 98 (although at least in Win98 they warn you). If you create a shared file for use over a network and do not password-protect the file you open up your computer to access from anyone who can get your IP address–that’s anyone in the world if you’re connected to the internet. Aside from the warning, Microsoft has no plans to close this hole as they claim it’s driven by user demand.

Information of Interest

What’s After Y2K? OK, everyone is Y2KO’d; what’s next? It depends on the industry you’re in, but here are a couple of things to think about:

  • Dow Jones at 10,000. While it might take a little while longer with the market downturn recently, eventually the Dow Jones average will need five digit spaces instead of the four it has needed for the last 25 years or so.
  • Stock Exchange Decimals. Just when you get used to thinking in eighths for stock prices, the exchanges have now approved trading in sixteenths and this is only a way station on the way to a conversion to decimal notation.
  • Zip Codes. First it was five digits and then nine. Now, it’s eleven digits if you want the discount for adding the digits that sort mail by specific routes. The Post Office says there won’t be more numbers coming, but that’s what they said after nine as well.

That’s a start. If you have others, please let me know. (Reports are that phone numbers and the Social Security Number are good until at least 2025.)

Why Look at Firmware? The question about why firmware controllers might be a Y2K problem was recently asked. Let’s take a simple example. Consider an elevator controller. Assume the pre-programmed chip causes the elevator to work Mon-Fri and to be locked down on the first floor over the weekends. 31 Dec 1999 is a Friday (and so the elevators should lock down the next day). But, 1 Jan 1900 (the default date if the chip only uses two-digit years) is a Monday. So, when the elevator is supposed to be locked down it’s running normally and the following Thursday (the 6th) it will suddenly lock down since it thinks that’s really a Saturday.

That’s a simple example. You can extend it to most any type of controller that makes decisions based on the day of the week.

Access Database Bug. If you use Microsoft’s Access database program there are circumstances where your data may become corrupted. To demonstrate the bug you can:

  • Open a form that has thousands of records (having at least 200 records is important).
  • Delete one of the early records.
  • Use RecordsetClone and Bookmark to move to a later record.
  • Edit the record and save your changes.

On screen, the edits will appear OK, but in the database itself the revisions will be saved to the following record instead of the intended record (if you delete two records the changes will be saved two records later). The bookmark count is not programmed correctly.

Microsoft has acknowledged the problem, but plans to correct it have not been announced.

There is a less-than-satisfactory workaround. Requerying the form before using RecordsetClone will prevent the problem. But, the query process may take some time for long databases and this can cause problems with automated processes.

In closing: I hope summer was good to all readers of this newsletter.