lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <011101c2fe09$e12f2800$7044cd3e@INTERNET>
From: Nicolas.Villatte at advalvas.be (Nicolas Villatte)
Subject: MCAFEE E-MAIL SCAN ALERT!~FWD: INTERNET SECURITY UPDATE

Are you stupid? You are sending a virus on the list, of course this is not
a Microsoft Security announcement
Attachment file : P164117.exe
Virus name: W32/Gibe.gen@MM







Folks,

	I don't think this is a real Microsoft security announcement
(they wouldn't be likely to be sent via an unknown IP address over in
the space owned by hiwaay.net), but it does appear to be the result
of a hoax, a virus, or a Trojan Horse that I have not yet heard of.

	I've done various searches via Google and on the web sites of the
anti-virus vendors, and haven't turned up anything on this issue.
Have I missed something?

--- begin forwarded text


Return-Path: <cyntabor@...aay.net>
Received: from jay.skynet.be (jay.skynet.be [195.238.3.234])
	by leia.skynet.be (8.12.9/8.12.9/Skynet-MAILSTORE-2.13) with
ESMTP id h38Gegvd009484
	for <brad.knowles@...net.be>; Tue, 8 Apr 2003 18:40:42 +0200 (MET
DST)
	(envelope-from <cyntabor@...aay.net>)
Received: from mail.hiwaay.net (ant.hiwaay.net [216.180.54.10])
         by jay.skynet.be (8.12.9/8.12.9/Skynet-IN-2.32) with ESMTP id
h38GeWLV007568
         for <brad.knowles@...net.be>; Tue, 8 Apr 2003 18:40:33 +0200
         (envelope-from <cyntabor@...aay.net>)
Received: from jmnqyCsl ([206.166.230.5])
	by mail.hiwaay.net (8.12.9/8.12.9) with SMTP id h38GKKYb993393;
	Tue, 8 Apr 2003 11:20:21 -0500 (CDT)
Date: Tue, 8 Apr 2003 11:20:20 -0500 (CDT)
Message-Id: <200304081620.h38GKKYb993393@...l.hiwaay.net>
FROM: "MS Network Security Center" <gixqwgd-307320@...ates.microsoft.net>
TO: "Microsoft Customer" <>
SUBJECT: Internet Security Update
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="HZlKyXsZvczhLbFWiz"
X-UIDL: d615b86024eea0d2e65e554f475f592b
Status: U

<x-html><!x-stuff-for-pete base="" src="" id="0"
charset=""><HTML><HEAD></HEAD><BODY>
<BASEFONT SIZE="2"><BR>
Microsoft Customer
<BR><BR>
this is the latest version of security update, the<BR>
"April 2003, Cumulative Patch" update which eliminates<BR>
all known security vulnerabilities affecting Internet Explorer,<BR>
Outlook and Outlook Express as well as five newly<BR>
discovered vulnerabilities. Install now to protect your computer<BR>
from these vulnerabilities, the most serious of which could allow<BR>
an attacker to run executable on your system. This update includes<BR>
the functionality of all previously released patches.<BR><BR>

<TABLE BORDER="3" CELLPADDING="3" BGCOLOR="#80CBF6">
<TR VALIGN="TOP">
<TD NOWRAP><FONT SIZE="2">System requirements</FONT></TD>
<TD NOWRAP><FONT SIZE="2">Win 9x/Me/2000/NT/XP</FONT></TD>
</TR>

<TR VALIGN="TOP">
<TD NOWRAP><FONT SIZE="2">This update applies to</FONT></TD>
<TD NOWRAP>
<FONT SIZE="2">
Microsoft Internet Explorer, version 4.01 and later<BR>
Microsoft Outlook, version 8.00 and later<BR>
Microsoft Outlook Express, version 4.01 and later
</FONT>
</TD>
</TR>

<TR VALIGN="TOP">
<TD NOWRAP><FONT SIZE="2">Recommendation</FONT></TD>
<TD NOWRAP><FONT SIZE="2">Customers should install the patch at the
earliest opportunity.</FONT></TD>
</TR>

<TR VALIGN="TOP">
<TD NOWRAP><FONT SIZE="2">How to install</FONT></TD>
<TD NOWRAP><FONT SIZE="2">Run attached file. Click Yes on displayed
dialog box.</FONT></TD>
</TR>

<TR VALIGN="TOP">
<TD NOWRAP><FONT SIZE="2">How to use</FONT></TD>
<TD NOWRAP><FONT SIZE="2">You don't need to do anything after
installing this item.</FONT></TD>
</TR>
</TABLE>
<BR>

Microsoft Product Support Services and Knowledge Base articles<BR>
can be found on the <A HREF="http://support.microsoft.com/">Microsoft
Technical Support</A> web site.<BR>
For security-related information about Microsoft products, please<BR>
visit the <A HREF="http://www.microsoft.com/security">
Microsoft Security Advisor</A> web site, or <A
HREF="http://www.microsoft.com/isapi/goregwiz.asp?target=/contactus/contac
tus.asp">Contact
us.</A><BR><BR>

Please do not reply to this message. It was sent from an unmonitored<BR>
e-mail address and we are unable to respond to any replies.
<BR><BR>
Thank you for using Microsoft products.
<BR><BR>
With friendly greetings,
<BR>
MS Network Security Center<BR>
<HR COLOR="Blue" SIZE="2" WIDTH="400" ALIGN="left">
<FONT COLOR="Gray">C2003 Microsoft Corporation. All rights reserved.
The names of the actual companies<BR>
and products mentioned herein may be the trademarks of their
respective owners.</FONT>
</BODY></HTML>

</x-html>


--- end forwarded text


--
Brad Knowles, <brad.knowles@...net.be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
     -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--)
N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++)
R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)*
z(+++)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3374 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030408/ee48c3cb/smime.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ