M$ vulnerability question
Blake Barnett
plug-discuss@lists.plug.phoenix.az.us
13 Mar 2002 16:11:26 -0700
There was a post to BugTraq about this a couple days ago. Do NOT open
the attachment. Here is a snippet from a BugTraq Post:
Indeed folks should be careful - this would be the result of the
mass-mail vector propagated by W32/Gibe@MM-infected systems.
This virus (which incidentally drops a Trojan backdoor when it is
activated) was identified by the various AV vendors last week.
NAI - http://vil.nai.com/vil/content/v_99377.htm
Symantec - http://www.symantec.com/avcenter/venc/data/w32.gibe@mm.html
Sophos - http://www.sophos.com/virusinfo/analyses/w32gibea.html
F-Secure - http://www.europe.f-secure.com/v-descs/gibe.shtml
Others -
http://www.google.ca/search?q=W32%2FGibe@MM&hl=en&btnG=Google+Search&meta=
Alex Arndt, GCIA
On Wed, 2002-03-13 at 15:25, John (EBo) David wrote:
>
> I'm not trying to start another flame war, so please do not start...
>
> I was seriously wondering if everyone else is getting the following
> message including the attachment. I've got 4 seperate copies in my
> inbox, and got to thinking that I wonder if the attachment might
> actually be a virus. It would be trivial for someone to attach a virus
> and spoof the header and use that to ship/install a trojan/worm/virus.
>
> As I NEVER run any attachments except those from REALLY trusted
> individuals, I thought I would ask what you all know of this one. Do
> you really think this is lagit?
>
> EBo --
>
> > Microsoft Customer,
> >
> > this is the latest version of security update, the
> > known security vulnerabilities affecting Internet Explorer and
> > MS Outlook/Express as well as six new vulnerabilities, and is
> > discussed in Microsoft Security Bulletin MS02-005. Install now to
> > protect your computer from these vulnerabilities, the most serious of which
> > could allow an attacker to run code on your computer.
> >
> >
> > Description of several well-know vulnerabilities:
> >
> > ...
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail.
>
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
--
Blake Barnett (bdb) <blake.barnett@developonline.com>
Sr. Unix Administrator
DevelopOnline.com office: 480-377-6816
Learning is a skill, you get better at it with practice.