RE: MALWARE HOAX FW: Microsoft Security Bulletin MS01-039

From: Kuo, Jimmy (Jimmy_Kuoat_private)
Date: Tue Jul 17 2001 - 15:40:38 PDT

Next message: Derek Martin: "secure software philosophy (was Re: 2.4.x/Slackware Init script vulnerability)"

Previous message: Crist Clark: "Re: Small TCP packets == very large overhead == DoS?"
Maybe in reply to: Robert D. Hughes: "MALWARE HOAX FW: Microsoft Security Bulletin MS01-039"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> editorat_private thought he was helping by writing:
> 
>Microsoft has released a warning about this bogus bulletin. You can find it
>at http://www.microsoft.com/technet/itsolutions/security/news/bogus.asp

>The message with de bogus bulletin carries a variant of the Leave worm, as
>described by Symantec at
>http://www.symantec.com/avcenter/venc/data/w32.leave.b.worm.html

But that's a different Leave variant, the previous attack.  Today's issue is
Leave.F or .G, depending on who you talk to.

(Note Symantec's description is dated July 10 for something discovered on
July 9 for a 76800 size file.)

The current attack is with a 67844 size file.

Jimmy

Next message: Derek Martin: "secure software philosophy (was Re: 2.4.x/Slackware Init script vulnerability)"
Previous message: Crist Clark: "Re: Small TCP packets == very large overhead == DoS?"
Maybe in reply to: Robert D. Hughes: "MALWARE HOAX FW: Microsoft Security Bulletin MS01-039"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jul 18 2001 - 08:16:26 PDT