U.S. Computer Center Posts CIH Virus Warning

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread

I know this was posted a few days ago, but I think it's worth another note. Monday will be April 26. <:)=

SAN FRANCISCO (Reuters) - Carnegie Mellon University's computer Emergency Response Team posted a warning Friday to computer users about the CIH/Chernobyl virus, which could wipe out data on disk drives or make it impossible for programs to start up.

The computer group issued its warning after ``getting a number of requests for information'' about the virus expected to hit Monday. The warning could be read on the CERT Web site at http://www.cert.org .

The virus is a malicious piece of software code that has been turning up in PCs for months, but this version is the most-feared variation.

The so-called CIH or ``space filler'' virus originated in Asia last summer and hits on the 26th of each month. The CIH 1.2 that appears only once a year in April is the ``most prevalent and dangerous'' form of the virus, according to Sal Viveros, marketing vice president for Network Associates Inc., the largest computer security company.

The CIH virus is far more dangerous to individual computers than Melissa, the much-publicized bug that spread relatively benign problems far and wide on the Internet last month.

The CIH virus can irretrievably destroy data on a user's computer, and even make the machine inoperable.

It gets the name ``space filler'' because it uses a special technique that secretly fills file space on computers and thwarts many of the antivirus softwares in place before its arrival. The virus is also called the Chernobyl virus because it is timed to go off on the anniversary of the Russian nuclear accident, one of technology's worst disasters.

The virus is designed to hide from view by inserting itself into empty coding slots on a computer's software utilities. Viruses are often detected because they use up extra space on hard drives, but the ``space filler'' helps CIH avoid that traditional method of detection. It can lie dormant for months before causing damage.

The April version of the virus is particularly damaging because it can also keep a computer from starting up by infecting the software on which all the PC's programs depend, the basic input/output system, or BIOS. If the BIOS is infected, the computer will not start.

Most up-to-date anti-virus software will spot the bug, if it is there, and many corporate computers have recently upgraded their protection due to the Melissa scare, Viveros said.

-- Sysman (y2kboard@yahoo.com), April 24, 1999


Top of list.

And lets dust off that anti virus software folks. 21 hours to CIH day. <:)=

-- Sysman (y2kboard@yahoo.com), April 25, 1999.

Moderation questions? read the FAQ