Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!sunybcs!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: woody@chinacat.Unicom.COM (Woody Baker @ Eagle Signal) Newsgroups: comp.virus Subject: Re: LaserWriter virus? Message-ID: <0009.9007241234.AA23686@ubu.cert.sei.cmu.edu> Date: 24 Jul 90 01:39:18 GMT Sender: Virus Discussion List Lines: 29 Approved: krvw@sei.cmu.edu > of a new Mac virus that changed the password on LaserWriters to some > other value. Has anyone else heard any information about this virus - > how it propogates, if GateKeeper catches it, etc? It had to happen sooner or later. Fortunatly, there is a fix. I have been distributing a routine for some time, that allowed you to reset the password on the laser. I have certain rules about how it gets distributed. The code that I have allows you to read and write any location in the EEPROM. Because of that, I require a signed request on letterhead (department , company or institution), as well as an email message. However, an aquaintance from over in UK has just posted a routine over on comp.lang.postscript that overcomes these problems. It just basicaly reads the eeprom. Nothing more. It reads the password, and returns it to you. Once you have the existing password, you can then reset the password using the standard method allowed in postscript. This routine is relatively benign, in that it simply reports the password, and allows you to set the password back to the default password. It may have already passed by your machine, as it was posted within the last week. I'll try to dig it up, but if anyone gets it, please post it here. Cheers Woody [Ed. Is this virus specific to Apple LaserWriters, or can it affect other PostScript printers? Even if it is specific to LWs, that certainly doesn't limit it to just Macintosh environments, so I've removed the "(Mac)" from the subject line. Please correct me if I'm wrong.]