From: Weyrlady <weyrlady at ashcomp.com>
To: WSFA members <WSFAlist at keithlynch.net>
Subject: [WSFA] Re: Worm news
Date: Thu, 07 Mar 2002 08:11:02 -0800 (PST)
Reply-To: WSFA members <WSFAlist at keithlynch.net>

Heh...  speaking of wicked senses of humor...

---- WSFA members <WSFAlist at keithlynch.net> wrote:

> This one is not yet highly rated by Symantec, but
it's sneaky enough to =
> justify sending advance warning.
>
> According to Symantec, "W32.Gibe at mm is a worm that
uses Microsoft Outlook =
> and its own SMTP engine to spread. This worm arrives
in an email message--w=
> hich is disguised as a Microsoft Internet Security
Update--as the =
> attachment Q216309.exe."
>
> "The fake message, which is not from Microsoft, has
the following =
> characteristics:
>
> From: Microsoft Corporation Security Center
> Subject: [WSFA] Internet Security Update
> Message:
> Microsoft Customer,
> this is the latest version of security update, the
update which eliminates =
> all known security vulnerabilities affecting
Internet Explorer and MS =
> Outlook/Express as well as six new vulnerabilities
--
Weyrlady
http://www.dragonweyr.com