[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <002101c39364$9f642920$73854f92@crc.washington.edu>
From: cdevoney at u.washington.edu (Chris DeVoney)
Subject: FW: Last Microsoft Patch
Others will address the virus represented in this trojan e-mail, but MSNBC
is the domain for the Microsoft-NBC news web site. The pure illogic of
sending out security outdates from a domain for news/weather/sports is
pretty strong. So was using MSN.COM, their internet service, as a domain. If
the masqueraders had used Microsoft.com, it may have been a more believable
trojan (except that Microsoft states repeatedly they NEVER e-mail outdates).
cdv
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Curt Purdy
Sent: Wednesday, October 15, 2003 12:05 PM
To: full-disclosure@...ts.netsys.com
Subject: [Full-Disclosure] FW: Last Microsoft Patch
Anybody else get this? Looks legit, originating address is from msnbc.com.
But can't believe even Microsoft would be this stupid after the rash of
trojan-attached "patch announcements" lately. Plus all security people have
been saying that Microsoft would never email a patch out. Or are they
thinking, "Send this out so all the stupid people will click on this before
they click on a real trojan?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031015/d7ba906a/attachment.html
Powered by blists - more mailing lists