Potential MMS Virus Issues: Security Update

Keith Norris
Moderator
Username: Admin

Post Number: 19
Registered: 05-2003
Posted on Friday, March 11, 2005 - 03:02 am:   

Public reports have identified a virus that can be spread via MMS on Nokia Series 60 (and potentially other Symbian) phones.

We have not received any confirmed reports of customers encountering this virus; however, we take the current published reports seriously, and believe that there is a potential risk for additional variants of the current virus threat.

The current virus is known as "CommWarrior". It spreads as an infected Symbian application that is attached to an MMS message.

The recipient receives a message with a subject such as one of the following:

  • Norton AntiVirus Released now for mobile, install it!
  • Nokia ringtoner Nokia RingtoneManager for all models.
  • Security update #12 Significant security update. See www.symbian.com


The user is then presented with an option to "Install CommWarrior?". (And it is likely that the user will have to make an additional selection to confirm that they wish to install the application.)

If the user selects yes, then the CommWarrior application is installed on the Series 60/Symbian device. Of course, CommWarrior is actually a virus which, after some delay, sends out infected MMS messages to other users in the individual's address book.

End users need to show discretion in installing any applications that they receive unsolicited. However, it is likely that some naive users will install the application, allowing the virus to spread.

This virus specifically targets handsets that are using the Symbian OS, including Nokia Series 60 phones such as the 7610, 6600, 3650, 6260, and 7650. It cannot infect other types of handsets. And it can only infect a Symbian handset if the user elects to install the application that they received unsolicited in the MMS message.

If you have received an MMS message that prompted you to install an unknown application, especially CommWarrior, and you mistakenly installed the application on your phone, then you should take steps to remove the virus from your phone. For additional information on this current virus threat, and links to anti-virus vendors, see http://www.electricnews.net/news.html?code=9592732

For customers who are using NowSMS as an MMSC, we are presenting a security update to NowSMS which can block the delivery of executable attachments to MMS messages for any subscribers to the NowSMS MMSC ("MMSC Users"). Please note that this update is only relevant for configurations where NowSMS is being used as an MMSC in a somewhat public environment (such as an operator MMSC deployment).

Please see http://support.nowsms.com/discus/messages/53/8153.html for a complete list of changes in this update for the Now SMS/MMS Gateway v5.51. That thread also contains a link for the download.

The following text describes the new feature that is used to block the delivery of executable attachments to MMS messages.

MMSC: Add configuration option to block certain MIME types from being delivered to an MMS recipient when NowSMS is acting as the MMSC. This option is being implemented primarily to deal with potential MMS virus threats, where infected Symbian applications are being spread to Nokia Series 60 phones through MMS. To block executable MIME types, create a file named MMSBLOCK.TXT in the NowSMS program directory. In this file, list one MIME content type per line, specifying content types to be blocked. We recommend the following entries in this file to prevent Symbian and Java executables from being distributed via MMS:

application/vnd.symbian.install
application/java-archive
application/x-java-archive
text/vnd.sun.j2me.app.descriptor

This functionality requires that "Dynamic Image + Audio Conversion" be enabled for the MMSC.
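
The following is an added illustration, not NowSMS code and not part of the original post: it shows how a block list in the MMSBLOCK.TXT format described above (one MIME content type per line) can be matched against the parts of a message. It assumes the message is available in MIME multipart form; the sample message, sender address, file name and function names are constructed for the example.

```python
# Added illustration, not NowSMS code: a block list in the MMSBLOCK.TXT
# format (one MIME content type per line) applied to a MIME-encoded message.
from email import message_from_string

# The four entries recommended in the post.
MMSBLOCK_TXT = """\
application/vnd.symbian.install
application/java-archive
application/x-java-archive
text/vnd.sun.j2me.app.descriptor
"""

# Constructed sample message (assumption: MIME multipart representation).
SAMPLE_MMS = """\
From: sender@example.invalid
Subject: Security update #12
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset=us-ascii

Significant security update.
--b1
Content-Type: Application/VND.Symbian.Install; name="sample.sis"

(constructed placeholder, not a real SIS file)
--b1--
"""

def load_blocklist(text):
    """Parse block-list text: one type per line, blank lines ignored."""
    return {line.strip().lower() for line in text.splitlines() if line.strip()}

def split_parts(raw_message, blocklist):
    """Return (deliverable types, blocked (type, filename) pairs)."""
    deliverable, blocked = [], []
    for part in message_from_string(raw_message).walk():
        if part.is_multipart():
            continue  # containers are walked, only leaf parts are judged
        ctype = part.get_content_type()  # lowercased, parameters stripped
        if ctype in blocklist:  # match is on the declared type only
            blocked.append((ctype, part.get_filename()))
        else:
            deliverable.append(ctype)
    return deliverable, blocked

if __name__ == "__main__":
    print(split_parts(SAMPLE_MMS, load_blocklist(MMSBLOCK_TXT)))
```

The comparison is case-insensitive and ignores parameters such as name= or charset=, so the mixed-case header in the sample still matches the list entry.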