Full Disclosure mailing list archives
Re: virus in email RTF message MS OE almost disabled
From: Gary Baribault <gary () baribault net>
Date: Mon, 22 Nov 2010 16:50:49 -0500
Oh, man, now you've made him cry! Gary B On 11/22/2010 03:16 PM, Thor (Hammer of God) wrote:
You know, every time I start to get a bit of hope for what looks like an upward trend of businesses and organizations taking security seriously, I see crap like this. Your organization is a Medicare prescription contractor with a national network of 61,022 contracted pharmacies, and not only are you running unpatched versions of old OS's and opening email attachments because they "look OK," but you have to post to Full Disclosure asking help for trivial virus detection and removal advice? Now that everyone on FD knows that you are vulnerable and that you open email attachments, you've probably just caused the organization to be pwned 9 ways from Sunday. To answer your question, call a professional and have them do it. And in the future, don't send out emails like this from your organization email announcing the state of your security. That's what Hotmail is for. t *From:*full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] *On Behalf Of *Mikhail A. Utin *Sent:* Monday, November 22, 2010 7:18 AM *To:* full-disclosure () lists grok org uk *Subject:* [Full-disclosure] virus in email RTF message MS OE almost disabled Hello, Opening looking OK email message in my MS OE I've very likely got new kind of virus, which exploits MS Office flaw recently announced. Immediately after, my OE started consuming huge memory when I switched between folders or messages. I've not seen any process in Task Manager taking up to 1 GB memory (physical is 512M). I did not find any newly installed executables either. When I shut down OE, the computer works fine. Any thoughts? Thank you Mikhail CONFIDENTIALITY NOTICE: This email communication and any attachments may contain confidential and privileged information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or its contents is prohibited. If you have received this communication in error, please reply to the sender immediately or by telephone at (617) 426-0600 and destroy all copies of this communication and any attachments. For further information regarding Commonwealth Care Alliance's privacy policy, please visit our Internet web site at http://www.commonwealthcare.org. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- virus in email RTF message MS OE almost disabled Mikhail A. Utin (Nov 22)
- Re: virus in email RTF message MS OE almost disabled Thor (Hammer of God) (Nov 22)
- Re: virus in email RTF message MS OE almost disabled Gary Baribault (Nov 22)
- Message not available
- Re: virus in email RTF message MS OE almost disabled Thor (Hammer of God) (Nov 22)
- Re: virus in email RTF message MS OE almost disabled Jeffrey Walton (Nov 22)
- Re: virus in email RTF message MS OE almost disabled Gary Baribault (Nov 22)
- Re: virus in email RTF message MS OE almost disabled Thor (Hammer of God) (Nov 22)
- <Possible follow-ups>
- Re: virus in email RTF message MS OE almost disabled Ryan Sears (Nov 22)
- Re: virus in email RTF message MS OE almost disabled Mikhail A. Utin (Nov 23)