Mt. Molelog (surprisingly work-safe at the moment: you’re slackin’!):
SoBig is back and spreading like wildfire, and it doesn’t even take advantage of any technical security holes, just people. People who will double-click on whatever attachments they get in mail.
Some infected AOL user visited my website at 4:10pm this afternoon. Since then, I’ve received 60 copies of this worm – about one every four minutes.
D’oh. I did remember that Sobig was more cunning than just searching your addressbook for email addresses, but I’d completely forgotten that it looks in HTML pages, including his page, and my page, in your cache. I haven’t really seen that many copies just yet, but then the free server for the address that I mostly use in public has been down since mid-morning.
So, one more time: in Outlook Express, Tools; Options; Security; check the box for “Do not allow attachments to be saved or opened that could potentially be a virus.” When someone mails you an attached spreadsheet that you really need to see, you’ll have to think for a second, uncheck it, save the bloody thing, and recheck it. A tiny price to pay for having it stop you from blindly opening ThisIsAVirus.pif when you aren’t thinking straight.