Welcome to SafeInternetEmail

News

• Home
• About Us
• Demo
• About SIE
• Support

CyberSoft News For October 2000

VSTK157 Update!

CyberSoft, Inc.A Computer Security and Virus Solutions Provider

by CyberSoft, Inc. All rights reserved. Please feel free to forward copies of this newsletter provided the newsletter to your colleagues

TOPICS

1. VSTK157 Update!
2. A Closer Look: MVFilter 4.0
3. SafeInternetEmail.Com
4. From the President's Desk
5. A Word from our Virus Wrangler
6. Editor's Note

VSTK157 Update!

Since the beginning of the this year, we have mentioned about the release of VSTK version 157. We apologize for the inconvenience this has caused.

Good News...it will be released this month!

Stay tune for details!

MVFilter 4.0

Macro viruses are the most common virus threat among computer users throughout the world. Macro viruses are easily created and replicated and are constantly changing as more and more technology evolves. Anti virus software must be constantly changed and updated to support the threat these viruses pose throughout the world. Cybersoft has recently re-written and released its MVFilter (Macro Virus Filter) program to support these changes.

MVFilter 4.0 will be CyberSoft's latest release in VSTK157 for disinfecting macro viruses. This new release disinfects macro viruses found in MS Office 2000 files, MS Office 97 files, and Pre-Office 97 Word Document files. This version also fixes a few minor bugs found in the previous release of MVFilter. Users of MVFilter 4.0 can expect complete and accurate disinfection because this version completely removes the infected macro(s) from the file. Finally, MVFilter 4.0 is unlike other disinfection programs because it leaves no ghosts in the file.

SafeInternetEmail.Com

CyberSoft, Inc., the creator of the VFind Security ToolKit, is proud to announce its latest service, SafeInternetEmail.Com

SafeInternetEmail.com is a service, not a product, that protects your email from viruses, spam, harassing email. Not only does this work on Windows (all versions) but it also works on MSDOS, Apple Macintosh, all Unix Systems, Linux, Java thin clients, and even Web Enable Cell Phones!!

What's so simple is that there are no downloads, no software, no manuals, and no maintenance! All you have to do is give us your domain name, we set it up, and we maintain it FOREVER!

We have decided to give all of our clients a ONE MONTH FREE TRIAL! No obligations! Just give us a month and you will be convinced that SafeInternetEmail is right for you!

From the President's Desk

CyberSoft is doing very well since our last talk. We are well on the way to diversifying outside of our core marketplace while increasing our market penetration within our core market. Sales are rapidly increasing in both areas and our new marketing plan has only been partially implemented.

Additionally, we are nearing the completion of multiple research and development programs which should yield new technology for our customers. Several of these projects will increase the speed of VFind. We will be phasing this technology in over the next few months.

In addition to our normal business operations CyberSoft has opened an educational web site about the United States and our flag. The site will never be completed but a wealth of material already exists for students. Take a look at the site and let your children and their teachers know about this free resource. http://www.highflyingflag.com

Note from the Editor: For the record, I am not calling the President a Turkey! He is the man that pays my rent! :)

A word from our Virus Wrangler

Howdy, Partners. This here's the ole Virus Wrangler, speaking to you from the CyberSoft Ranch·

Well, actually, I'm Barbara Higgins, the Data Analyst for CyberSoft, Inc.

My job consist mainly of finding juicy little computer virii (the plural of virus. Latin is full of these little tricks) and rendering them detectable by VFind, our anti virus product. This is done in several ways. First, a virus is obtained from a source or detected on our email scanner. Second, it is isolated in a special file where all nasty little virii are incarcerated while awaiting detection. Third, each virus is examined via VFind and through visual scrutiny by Yours Truly. The first thing that must be determined is what type of virus it is, something usually determined by the extension on the file name (such as .doc, .exe, .com·you get the idea). Then a unique segment of virus code, called a binary string, must be found which will positively identify that virus when used by the scanner. Then that segment must be tested to determine that it doesn't find innocent , non-viral code, such as a virus alert email or a text file, which has no ability to initiate, or launch, a virus. Finally (whew!) the tested segment, or vdl (short for virus description language), is incorporated into the VFind vdl file and provided to you, the customer. This vdl will then detect any virus code which matches the binary string pulled from the original virus.

There are several types of computer virii. Macro virii are found in Word documents and templates and are discovered due to the presence of macro initiators, sections of binary code which tell the computer to initiate the virus program. This includes files such as Excel and Access. Executable virii are found in executable files, programs which are launched when a user opens the file. These have an ending such as .com or .exe or .boo (boot). There is also a new type of attack, called a worm, which can replicate itself within your computer and then actually email itself to other people! Virii may do their dirty work without your knowledge until something crashes or malfunctions, or they may trumpet it for all to see. Either way, your computer will never be the same unless you do some major deleting of files and reloading of software.

Nasty, eh? Well, at least Word gives you warning of a the presence of a virus-- IF you tell it to. When in Word, go to the Tools menu and open Options. When the menu appears, open General and indicate Macro Virus Protection. That way, when a Word file containing a virus is opened, a pop-up window will indicate that there are macros in the file and ask if you really want to initiate them or not. I would strongly recommend disabling them unless you want a nasty surprise. Sometimes a file will read like it is infected when it isn't. This is called a false hit and can occur because the vdl is not specific enough. Some virii have very simple code and can yield a binary string that actually includes the virus name and creator. These are the most specific and may be common to an entire family of virii, such as Ethan or Class, which contain these words in various combinations within the virus code. Some virii, however, may be encoded or contain no obvious specific binary strings, and the segment of code chosen may be too common, so that VFind will detect a virus where there is none. In this case, the Virus Wrangler (in this case, me) has to re-evaluate the virus and, by comparing different strains of the same virus (its family) against the problem file, determine which pieces of code are unique to the virus. Then a new vdl is created which will not false hit on a clean file.

Just remember one thing--even if the file came from your best friend, it could have come from an infected machine without your friends knowledge. Be aware of what type of files are being attached to E-mails and be very careful about what you download from less-than-reputable sites. They could be infected with anything. In any case, the best defense is a good offense. Scan all your email, downloads, and any attached files you are about to open, just in case its loaded for bear. You can't afford to lose all your good work because of a rogue virus.

Editor's Note

To subscribe, please email me at support@cyber.com

To unsubscribe, you can email me too (please NO foul language...that's rough to read the first thing in the morning and it will ruin my day!!).

View CyberSoft On-line Magazine Archive