[Dshield] [Fwd: MicrosoftCustomerBulletin<aqwuaxuwj_gcezpl@news.com>]

Rick Klinge rick at jaray.net
Tue Jan 6 18:33:25 GMT 2004


Are you sure Chris?.. Perhaps I'm wrong and having a professional oversight
moment.. But it looks to me that they actually tried to send the virus to
the list and it was stripped off via the DShield mail server as an exe
attachment.  Hmmm need more coffee I suppose.

Thanks,

~Rick

> -----Original Message-----
> From: list-bounces at dshield.org 
> [mailto:list-bounces at dshield.org] On Behalf Of Chris DeVoney
> Sent: Tuesday, January 06, 2004 12:00 PM
> To: 'General DShield Discussion List'
> Subject: RE: [Dshield] [Fwd: 
> MicrosoftCustomerBulletin<aqwuaxuwj_gcezpl at news.com>]
> 
> 
> I think the point is that the e-mail was launched by someone, 
> as witnessed by the updated month and year. Or it's a darn 
> smarter virus than we think.
> 
> cdv
> 
> 
> 
> > -----Original Message-----
> > From: list-bounces at dshield.org
> > [mailto:list-bounces at dshield.org] On Behalf Of Rick Klinge
> > Sent: Tuesday, January 06, 2004 9:08 AM
> > To: 'General DShield Discussion List'
> > Subject: RE: [Dshield] [Fwd: Microsoft 
> > CustomerBulletin<aqwuaxuwj_gcezpl at news.com>]
> > 
> > Maybe I missed the prior post?.. But isn't this is a virus
> > that was sent to you.
> > 
> > http://securityresponse.symantec.com/avcenter/venc/data/w32.bu
> > gbros at mm.html
> > 
> > ~Rick
> > 
> > > -----Original Message-----
> > > From: list-bounces at dshield.org 
> [mailto:list-bounces at dshield.org] On 
> > > Behalf Of Chris Brenton
> > > Sent: Tuesday, January 06, 2004 9:46 AM
> > > To: dshield
> > > Subject: [Dshield] [Fwd: Microsoft Customer
> > > Bulletin<aqwuaxuwj_gcezpl at news.com>]
> > > 
> > > 
> > > LOL! So apparently this worm not only updates the moth 
> accordingly,
> > > but the year as well. :)
> > > 
> > > C
> > > 
> > > -----Forwarded Message-----
> > > From: Microsoft Customer Bulletin <aqwuaxuwj_gcezpl at news.com>
> > > To: Partner <hrpmsvkp at news.com>
> > > Subject:
> > > Date: Tue, 06 Jan 2004 16:19:37 +0100
> > > 
> > >   Microsoft
> > >      All Products |  Support | 
> > >    Search |  Microsoft.com Guide 
> > >                   Microsoft Home
> > >  
> > > 
> > > Microsoft Partner
> > > 
> > > this is the latest version of security update, the "January 2004,
> > > Cumulative Patch" update which resolves all known security 
> > > vulnerabilities affecting MS Internet Explorer, MS Outlook and MS 
> > > Outlook Express as well as three newly discovered 
> vulnerabilities. 
> > > Install now to continue keeping your computer secure from these 
> > > vulnerabilities, the most serious of which could allow an 
> > attacker to
> > > run code on your computer. This update includes the
> > functionality of
> > > all previously released patches.
> > > 
> > >  System requirements
> > > Windows 95/98/Me/2000/NT/XP
> > >  This update applies to
> > > MS Internet Explorer, version 4.01
> > > and later
> > > MS Outlook, version 8.00 and later
> > > MS Outlook Express, version 4.01 and
> > > later
> > >  Recommendation
> > > Customers should install the patch
> > > at the earliest opportunity.
> > >  How to install
> > > Run attached file. Choose Yes on
> > > displayed dialog box.
> > >  How to use
> > > You don't need to do anything after
> > > installing this item.
> > > Microsoft Product Support Services and Knowledge Base
> > articles can be
> > > found on the Microsoft Technical Support web site. For
> > > security-related information about Microsoft products, 
> please visit 
> > > the Microsoft Security Advisor web site, or Contact Us.
> > > 
> > > Thank you for using Microsoft products.
> > > 
> > > Please do not reply to this message. It was sent from an
> > unmonitored
> > > e-mail address and we are unable to respond to any replies.
> > > 
> > > ______________________________________________________________
> > > __________
> > > The names of the actual companies and products mentioned 
> herein are
> > > the trademarks of their respective owners.
> > > 
> > > Contact Us  |  Legal  |  TRUSTe
> > > 
> > > C2004 Microsoft Corporation. All
> > > rights reserved. Terms of Use  |
> > > Privacy Statement |  Accessibility
> > > 
> > > ______________________________________________________________
> > > __________
> > > WARNING: This e-mail has been altered by MIMEDefang.
> > > Following this paragraph are indications of the actual 
> > changes made.
> > > For more information about your site's MIMEDefang policy, contact
> > > Postmaster .  For more information about MIMEDefang, see:
> > > 
> >             http://www.roaringpenguin.com/mimedefang/enduser.php3
> > 
> > An attachment named q346982.exe was removed from this
> > document as it constituted a security hazard.  If you require 
> > this document, please contact the sender and arrange an 
> > alternate means of receiving it.
> 
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: 
> http://www.dshield.org/mailman/listinfo/list
> 
> ___________________________________________________________________
> Virus Scanned and Filtered by http://www.FamHost.com E-Mail System.
> 
> 

___________________________________________________________________
Virus Scanned and Filtered by http://www.FamHost.com E-Mail System.




More information about the list mailing list