Security Incidents mailing list archives
Re: New MSN Messenger Worm
From: "dreamwvr () dreamwvr com" <dreamwvr () dreamwvr com>
Date: Thu, 14 Feb 2002 10:36:38 -0700
On Thu, Feb 14, 2002 at 04:12:15AM -0000, Bill Schalck wrote:
In-Reply-To: <1013605797.17116.27.camel () deck paradisepoker com> The details at our office were different. The message was URGENT: Go to this web site www.rjdesigns.co.uk/cool/ (or something very close to that). The strange thing is that this user SWEARS that he never clicked on the link but our logs show his computer attempted to access that web site. Luckily the site was down, possibly couldnt handle the load. Does anyone know of an exploit that combined with the MSN exploit could redirect to a web site without the users knowledge or action? I'm concerned that eventually someone "smart" is going to build a nimda like cocktail of MSN, IE and other exploits that will spread faster than any virus weve seen yet. Can anyone say ARIS ThreatCon 4?
Well it certainly is not inconceivable that someone will do the equivalent of mouse-over triggers and release a plague.. :-{ iThat is if they are not doing that already. Pick a technology that is mouse over interactive and there is potential issues. Best Regards, dreamwvr () dreamwvr com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- New MSN Messenger Worm Drew Smith (Feb 13)
- RE: New MSN Messenger Worm Rocky Stefano (Feb 13)
- Re: New MSN Messenger Worm Nathan Einwechter (Feb 13)
- Re: New MSN Messenger Worm Nick FitzGerald (Feb 14)
- <Possible follow-ups>
- Re: New MSN Messenger Worm Bill Schalck (Feb 13)
- Re: New MSN Messenger Worm dreamwvr () dreamwvr com (Feb 14)
- RE: New MSN Messenger Worm Michael Fredericks (Feb 14)