nanog mailing list archives
RE: in case nobody else noticed it, there was a mail worm released today
From: "Christopher Bird" <seabird () msn com>
Date: Thu, 29 Jan 2004 08:06:46 -0600
Please pardon my ignorance, but I am *mightily* confused. In a message from Michel Py is the following: <snip>
and ISTR one patch for Outlook 2000 that blocked your ability to save executables was released)It default in Outlook XP and Outlook 2003, which has prompted large numbers of persons to download Winzip, which as not stopped worms to
be
propagated as you pointed out. Michel.
The bit I don't get is how a zip file is created such that launching it invokes winzip and then executes the malware. When I open a normal .zip file, winzip opens a pane that shows me the contents. After that I can extract a file or I can "doubleclick" on a file to open it - which if it is executable will cause it to execute. I haven't seen a case where simply opening a zip archive causes execution of something in its contents unless it is a self extracting archive in which case it unzips and executes, but doesn't have the .zip suffix. Would anyone explain to me how this occurs (and if RTFM with a pointer to the M is the best way, then so be it!) Thanks in advance Chris
Current thread:
- Re: MS is vulnerable, (continued)
- Re: MS is vulnerable Jason Lixfeld (Jan 29)
- Re: MS is vulnerable Martin Hepworth (Jan 29)
- Re: MS is vulnerable Jason Lixfeld (Jan 29)
- RE: MS is vulnerable Vivien M. (Jan 29)
- Re: MS is vulnerable Laurence F. Sheldon, Jr. (Jan 29)
- RE: MS is vulnerable Vivien M. (Jan 29)
- Re: MS is vulnerable just me (Jan 29)
- Re: MS is vulnerable Jason Lixfeld (Jan 29)
- RE: in case nobody else noticed it, there was a mail worm released today Christopher Bird (Jan 29)
- Re: in case nobody else noticed it, there was a mail worm released today Sam Stickland (Jan 29)