[Dshield] [Fwd:MicrosoftCustomerBulletin<aqwuaxuwj_gcezpl@news.com>]

Chris DeVoney chris_devoney at cybercritic.com
Tue Jan 6 19:59:21 GMT 2004


>From its position in the e-mail, I interpreted that the other Chris's mail
system had caught the attached .exe. But I'm game for more coffee (and
obviously could be wrong ... on the virus thing, not the coffee).

cdv


> -----Original Message-----
> From: list-bounces at dshield.org 
> [mailto:list-bounces at dshield.org] On Behalf Of Rick Klinge
> Sent: Tuesday, January 06, 2004 10:33 AM
> To: 'General DShield Discussion List'
> Subject: RE: [Dshield] 
> [Fwd:MicrosoftCustomerBulletin<aqwuaxuwj_gcezpl at news.com>]
> 
> Are you sure Chris?.. Perhaps I'm wrong and having a 
> professional oversight moment.. But it looks to me that they 
> actually tried to send the virus to the list and it was 
> stripped off via the DShield mail server as an exe 
> attachment.  Hmmm need more coffee I suppose.
> 
> Thanks,
> 
> ~Rick
> 
> > -----Original Message-----
> > From: list-bounces at dshield.org
> > [mailto:list-bounces at dshield.org] On Behalf Of Chris DeVoney
> > Sent: Tuesday, January 06, 2004 12:00 PM
> > To: 'General DShield Discussion List'
> > Subject: RE: [Dshield] [Fwd: 
> > MicrosoftCustomerBulletin<aqwuaxuwj_gcezpl at news.com>]
> > 
> > 
> > I think the point is that the e-mail was launched by someone, as 
> > witnessed by the updated month and year. Or it's a darn 
> smarter virus 
> > than we think.
> > 
> > cdv
> > 
> > 
> > 
> > > -----Original Message-----
> > > From: list-bounces at dshield.org
> > > [mailto:list-bounces at dshield.org] On Behalf Of Rick Klinge
> > > Sent: Tuesday, January 06, 2004 9:08 AM
> > > To: 'General DShield Discussion List'
> > > Subject: RE: [Dshield] [Fwd: Microsoft 
> > > CustomerBulletin<aqwuaxuwj_gcezpl at news.com>]
> > > 
> > > Maybe I missed the prior post?.. But isn't this is a 
> virus that was 
> > > sent to you.
> > > 
> > > http://securityresponse.symantec.com/avcenter/venc/data/w32.bu
> > > gbros at mm.html
> > > 
> > > ~Rick
> > > 
> > > > -----Original Message-----
> > > > From: list-bounces at dshield.org
> > [mailto:list-bounces at dshield.org] On
> > > > Behalf Of Chris Brenton
> > > > Sent: Tuesday, January 06, 2004 9:46 AM
> > > > To: dshield
> > > > Subject: [Dshield] [Fwd: Microsoft Customer 
> > > > Bulletin<aqwuaxuwj_gcezpl at news.com>]
> > > > 
> > > > 
> > > > LOL! So apparently this worm not only updates the moth
> > accordingly,
> > > > but the year as well. :)
> > > > 
> > > > C
> > > > 
> > > > -----Forwarded Message-----
> > > > From: Microsoft Customer Bulletin <aqwuaxuwj_gcezpl at news.com>
> > > > To: Partner <hrpmsvkp at news.com>
> > > > Subject:
> > > > Date: Tue, 06 Jan 2004 16:19:37 +0100
> > > > 
> > > >   Microsoft
> > > >      All Products |  Support | 
> > > >    Search |  Microsoft.com Guide 
> > > >                   Microsoft Home
> > > >  
> > > > 
> > > > Microsoft Partner
> > > > 
> > > > this is the latest version of security update, the 
> "January 2004, 
> > > > Cumulative Patch" update which resolves all known security 
> > > > vulnerabilities affecting MS Internet Explorer, MS 
> Outlook and MS 
> > > > Outlook Express as well as three newly discovered
> > vulnerabilities. 
> > > > Install now to continue keeping your computer secure from these 
> > > > vulnerabilities, the most serious of which could allow an
> > > attacker to
> > > > run code on your computer. This update includes the
> > > functionality of
> > > > all previously released patches.
> > > > 
> > > >  System requirements
> > > > Windows 95/98/Me/2000/NT/XP
> > > >  This update applies to
> > > > MS Internet Explorer, version 4.01 and later MS 
> Outlook, version 
> > > > 8.00 and later MS Outlook Express, version 4.01 and later  
> > > > Recommendation Customers should install the patch at 
> the earliest 
> > > > opportunity.
> > > >  How to install
> > > > Run attached file. Choose Yes on
> > > > displayed dialog box.
> > > >  How to use
> > > > You don't need to do anything after installing this item.
> > > > Microsoft Product Support Services and Knowledge Base
> > > articles can be
> > > > found on the Microsoft Technical Support web site. For 
> > > > security-related information about Microsoft products,
> > please visit
> > > > the Microsoft Security Advisor web site, or Contact Us.
> > > > 
> > > > Thank you for using Microsoft products.
> > > > 
> > > > Please do not reply to this message. It was sent from an
> > > unmonitored
> > > > e-mail address and we are unable to respond to any replies.
> > > > 
> > > > ______________________________________________________________
> > > > __________
> > > > The names of the actual companies and products mentioned
> > herein are
> > > > the trademarks of their respective owners.
> > > > 
> > > > Contact Us  |  Legal  |  TRUSTe
> > > > 
> > > > C2004 Microsoft Corporation. All
> > > > rights reserved. Terms of Use  |
> > > > Privacy Statement |  Accessibility
> > > > 
> > > > ______________________________________________________________
> > > > __________
> > > > WARNING: This e-mail has been altered by MIMEDefang.
> > > > Following this paragraph are indications of the actual
> > > changes made.
> > > > For more information about your site's MIMEDefang 
> policy, contact 
> > > > Postmaster .  For more information about MIMEDefang, see:
> > > > 
> > >             http://www.roaringpenguin.com/mimedefang/enduser.php3
> > > 
> > > An attachment named q346982.exe was removed from this 
> document as it 
> > > constituted a security hazard.  If you require this 
> document, please 
> > > contact the sender and arrange an alternate means of receiving it.
> > 
> > _______________________________________________
> > list mailing list
> > list at dshield.org
> > To change your subscription options (or unsubscribe), see: 
> > http://www.dshield.org/mailman/listinfo/list
> > 
> > ___________________________________________________________________
> > Virus Scanned and Filtered by http://www.FamHost.com E-Mail System.
> > 
> > 
> 
> ___________________________________________________________________
> Virus Scanned and Filtered by http://www.FamHost.com E-Mail System.
> 
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: 
> http://www.dshield.org/mailman/listinfo/list
> 




More information about the list mailing list