This post originated from an RSS feed registered with .NET Buzz by Dan Fernandez. Original Post: Practice Safe Computing Feed Title: Dan Fernandez's Blog Feed URL: /msdnerror.htm?aspxerrorpath=/danielfe/Rss.aspx Feed Description: Dan discusses Dot Net. Latest .NET Buzz Posts Latest .NET Buzz Posts by Dan Fernandez Latest Posts From Dan Fernandez's Blog

I received an email today from admin @ Microsoft dotcom saying my password has expired with a zip attachment indicating instructions.  Not being gullible, but still being curious, I virus scanned the attachment and saw that it was indeed a virus.  I forwarded the mail to our security team for investigation, but it brings up a good point.  Don't run attachments, patch your machines regularly and practice safe computing.  My quick tips,

• Don't believe everything you read in email. Not sure? Check here or here
• Don't run attachments if you don't know where they are coming from
• Use and update your antivirus software
• Use Windows Update
• Use a firewall and block everything but the necessary ports.

There's also been some news about a vulnerability affecting DCOM which lives inside the RPC process, with a patch available through Windows Update, which you should visit if you don't have the RPC patch installed.

*Update: Link to the security bulletin