1  |   Order by index

Sep 19, 2003, 12:49pm

This morning we received a suspect email with a supposed security patch
update from Microsoft. This was in the form of an authentic looking html
email with attachment.

This is a load of bull! ALL windows updates should be received by live
update information or the user downloading directly from Microsoft. The so
called patch contained Worm.Automat.AHB, one of the newest threats per
Norton's Antivirus definitions.

I urge the community to get the latest Norton's or other anti-virus software
updates for their systems and take caution of any "security patchs" received
through an email.

Everyone have a terrific and "safe" day.

Best regards,
Lady Murasaki

Sep 19, 2003, 3:27pm

Confirmed, also... I suspect that some people in here could be infected....
I recieved 23 copies of the virus... and I only really have my email in here
and on AWTeen NGs

- Mark

Sep 19, 2003, 3:33pm

Same here Strike that attachment has shown up 8-9 times in the last week on my servers.



[View Quote]

Sep 19, 2003, 3:34pm

Im talking in like the last 20 minutes.

- Mark

[View Quote]

Sep 19, 2003, 3:46pm

whoa.....

[View Quote]

Sep 19, 2003, 6:53pm

ok... + 14 I just recieved... Time for POP servers to start doing me a
favour

- Mark

[View Quote]

Sep 19, 2003, 7:10pm

A pop header viewer is now slaughtering the emails :D

- Mark

[View Quote]

Sep 19, 2003, 8:52pm

I hear all these worms and viruses, but I would like to know what they
actually do, more than just say "it's a worm don't download it"

Sep 19, 2003, 9:32pm

I've had it for the lsat... hm, uh week now that it's been happening

Sep 20, 2003, 3:33am

[View Quote] > I hear all these worms and viruses, but I would like to know what they
> actually do, more than just say "it's a worm don't download it"
>
>

http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a at mm.html

--
Andras
"It's MY computer" (tm Steve Gibson)

Sep 20, 2003, 4:55am

that's why I don't use OE X_X

Sep 20, 2003, 7:31am

[View Quote] You don't? :)

--
../B

Sep 20, 2003, 7:43am

Kasperski scan identifies it as "I-Worm.Dumaru.a" - I wonder
why those virus guys cannot make unique names :-/

http://www.kaspersky.com/remoteviruschk.html


[View Quote]

Sep 20, 2003, 10:43am

"ferruccio" <startrek3 at earthlink.net> wrote in news:3f6bf9ca$2
at server1.Activeworlds.com:

> that's why I don't use OE X_X

This one is cleverly disguised and doesn't rely on OE (although it tries
using the Outlook MIME-type exploit).

Since yesterday I estimate my mailserver has received about 1000 mails
created by this virus. Before I set up server-side filters that
automatically delete these mails upon receival I couldn't even fetch mail
because I received it about twice a minute, changing my inbox all the time.
Stats from Trend Micro shows the infection rate has plummeted, though,
which is consistent with my mailserver logs (not getting it as often now).

This nasty bugger doesn't just scan mail, news and browser caches, it also
scans a number of USENET servers (probably the reason I've been bombarded
with it).

KAH

Sep 20, 2003, 3:01pm

Probly because these viruses were made by captured terrorists in jail, and
all they have to communicate is tapping on pipes witch leads eventually to
there underground camp, eather that or monkeys


[View Quote]

Sep 20, 2003, 5:09pm

roflmflao

--
-.Duo. (342836)
[View Quote]

Sep 20, 2003, 7:13pm

I use OE, and I recieved it today, does it do anything automatically upon
receiving it, or must it be opened first? I did delete it upon recieving it,
though.

J

[View Quote]

Sep 20, 2003, 7:33pm

[View Quote] Your OE version is way too outdated, you should really visit
http://windowsupdate.microsoft.com/ more often. I don't remember in
which build the MIME header vuln was fixed but I'm positive that
happened over 2 years ago.

--
../B

Sep 21, 2003, 2:06pm

Had that one before, lol

~John

[View Quote]

Sep 21, 2003, 5:24pm

Oo what are these two exes which auto want to save themselves to my
computer? LOL!

~John

[View Quote]

1  |   Order by index