Open Source and information security mailing list archives
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: Fwd: Internet Security Update

Brad Knowles <brad.knowles@...net.be> wrote:

>  I don't think this is a real Microsoft security announcement 
> (they wouldn't be likely to be sent via an unknown IP address over in 
> the space owned by hiwaay.net), but it does appear to be the result 
> of a hoax, a virus, or a Trojan Horse that I have not yet heard of.

Very good Watson...

>  I've done various searches via Google and on the web sites of the 
> anti-virus vendors, and haven't turned up anything on this issue. 

What did you search for???

> Have I missed something?

The daily application of a clue-by-four?

Here is the beginning of the message of which you were suspicious:

> Microsoft Customer
> <BR><BR>
> this is the latest version of security update, the<BR>
> "April 2003, Cumulative Patch" update which eliminates<BR>
> all known security vulnerabilities affecting Internet Explorer,<BR>
> Outlook and Outlook Express as well as five newly<BR>

Note the obvious (to native English speakers) grammatical error 
common to folk who learnt English as a second language who often 
struggle with articles?

Note the sentence does not start with an uppercase letter?

Both good clues in themselves that this is not from Microsoft without 
even having to worry about looking at the headers.  Oh yes, and 
Microsoft, as a matter of policy, _never_ sends patches or updates via 
Email:

   http://www.microsoft.com/technet/security/policy/swdist.asp

Googling for the phrase "this is the latest version of security 
update" turned up about 780 hits, the first ten of which were all 
antivirus developer virus descriptions or various security company or 
security service teams' warnings about the (then) new Gibe.B virus.

When was "then"?

23 February was the date Gibe.B was discovered.

Finally, isn't it illegal in Belgium to spread viruses?  I hope any 
members of your local constabulary on this list take a lenient view 
of your including what you clearly thought was a suspicious 
attachment (and is, in fact, a virus) in your post to many thousands 
of people...


-- 
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
