As some of you probably may not know, a new exploit is going around the net today (W32/Minda@MM )
I urge all of you who administer NT webservers and all mail servers to become versed in this new exploit.
http://www.trusecure.com/html/tspub/hypeorhot/rxalerts/tsa01024_cid177.shtml
The easiest way to combat this is to turn off the listening for TFTP service all together.
In \system32\drivers\etc open up the services file in notepad and comment out the TFTP service. If your not using it then there is no reason to set it’s port to 0.
Just disable it.
Plus make your users aware about the readme.exe arrival in their mailbox.
I Have Posted the Virus Alert below that was sent to my users regarding this issue. Feel free to distribute.
Good luck
