Full Disclosure mailing list archives
Re: [SPAM] Fw: Newest Internet Security Patch
From: "class 101" <class101 () hat-squad com>
Date: Fri, 11 Mar 2005 23:02:48 +0100
yep looks like a virus , I thought it was someone phreaking :) thx for the infos . ------------------------------------------------------------- class101 Jr. Researcher Hat-Squad.com ------------------------------------------------------------- ----- Original Message ----- From: "Florian Bauhaus" <florian.bauhaus () innovalan de> To: "class 101" <class101 () hat-squad com> Sent: Friday, March 11, 2005 10:48 PM Subject: Re: [Full-disclosure] [SPAM] Fw: Newest Internet Security Patch -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am not sure what attachment you removed, but thats what my mailserver says to your email: X-Virus-Status: Yes X-Virus-Report: Worm.Gibe.F FOUND X-Virus-Checker-Version: clamassassin 1.2.0 with ClamAV 0.83/761/Thu Mar 10 22:01:48 2005 signatures 30.761 Best regards, Florian B. class 101 wrote: | This might be helpful to spot out this fake microsoft mail telling you to download the attachement. | It does several times that Im receiving it and I guess many users trusts it's from ms but it is not. | (attachement removed from this mail), looks like the sender is a wanadoo.fr host. | | Details: | | Return-path: <mariam.ouakrim () wanadoo fr> | Envelope-to: class101 () hat-squad com | Delivery-date: Fri, 11 Mar 2005 16:19:13 +0330 | Received: from hatsquad by 1n6-235.servernode.net with local-bsmtp (Exim 4.43) | id 1D9jZj-00087c-J1 | for class101 () hat-squad com; Fri, 11 Mar 2005 16:19:12 +0330 | Received: from [193.252.22.30] (helo=smtp1.wanadoo.fr) | by 1n6-235.servernode.net with esmtp (Exim 4.43) | id 1D9jZh-00087R-Hr | for class101 () hat-squad com; Fri, 11 Mar 2005 16:19:06 +0330 | Received: from me-wanadoo.net (mail.rararchiver.com [127.0.0.1]) | by mwinf0102.wanadoo.fr (SMTP Server) with ESMTP id 632201FF9854 | for <class101 () hat-squad com>; Fri, 11 Mar 2005 13:49:04 +0100 (CET) | Received: from zrrufx (Mix-Toulouse-215-4-209.w80-9.abo.wanadoo.fr [80.9.79.209]) | by mwinf0102.wanadoo.fr (SMTP Server) with SMTP id 2B0671FFFD4E; | Fri, 11 Mar 2005 13:48:32 +0100 (CET) | X-ME-UUID: 20050311124833176.2B0671FFFD4E () mwinf0102 wanadoo fr | From: "Security Division" <kivxqjorfokxo () news com> | To: "Commercial Client" <zcwdqsw_lbsonueur () news com> | SUBJECT: Newest Internet Security Patch | Mime-Version: 1.0 | Content-Type: multipart/mixed; boundary="szfutswuhncenm" | Message-Id: <20050311124832.2B0671FFFD4E () mwinf0102 wanadoo fr> | Date: Fri, 11 Mar 2005 13:48:32 +0100 (CET) | | | ------------------------------------------------------------- | class101 | Jr. Researcher | Hat-Squad.com | ------------------------------------------------------------- | ----- Original Message ----- | From: Security Division | To: Commercial Client | Sent: Friday, March 11, 2005 1:48 PM | Subject: Newest Internet Security Patch | | | Microsoft All Products | Support | Search | Microsoft.com Guide | Microsoft Home | | | Microsoft Client | | this is the latest version of security update, the "March 2005, Cumulative Patch" update which eliminates all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to help maintain the security of your computer from these vulnerabilities, the most serious of which could allow an malicious user to run code on your system. This update includes the functionality of all previously released patches. | | | System requirements Windows 95/98/Me/2000/NT/XP | This update applies to MS Internet Explorer, version 4.01 and later | MS Outlook, version 8.00 and later | MS Outlook Express, version 4.01 and later | Recommendation Customers should install the patch at the earliest opportunity. | How to install Run attached file. Choose Yes on displayed dialog box. | How to use You don't need to do anything after installing this item. | | Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us. | | Thank you for using Microsoft products. | | Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies. | | -------------------------------------------------------------------------- | The names of the actual companies and products mentioned herein are the trademarks of their respective owners. | | Contact Us | Legal | TRUSTe | ©2005 Microsoft Corporation. All rights reserved. Terms of Use | Privacy Statement | Accessibility | | | | | ------------------------------------------------------------------------ | | _______________________________________________ | Full-Disclosure - We believe in it. | Charter: http://lists.grok.org.uk/full-disclosure-charter.html | Hosted and sponsored by Secunia - http://www.secunia.com/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCMhIYqxycD0HJH7IRAp5NAKDQQdfER1gQ9bQ8VkfrAwTSKUhc9ACdF7fx oD4ttTRYwTuCUYh/GUJcJdg= =KAn6 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- [SPAM] Fw: Newest Internet Security Patch class 101 (Mar 11)
- Message not available
- Re: [SPAM] Fw: Newest Internet Security Patch class 101 (Mar 11)
- Message not available
- Re: [SPAM] Fw: Newest Internet Security Patch Nick FitzGerald (Mar 12)
- <Possible follow-ups>
- Re: [SPAM] Fw: Newest Internet Security Patch Peter Ferrie (Mar 11)