Re: New MSN Messenger Worm

From: dreamwvr@dreamwvr.com
Date: 02/14/02


Date: Thu, 14 Feb 2002 10:36:38 -0700
From: "dreamwvr@dreamwvr.com" <dreamwvr@dreamwvr.com>
To: incidents@securityfocus.com

On Thu, Feb 14, 2002 at 04:12:15AM -0000, Bill Schalck wrote:
>
> In-Reply-To: <1013605797.17116.27.camel@deck.paradisepoker.com>
>
> The details at our office were different. The message
> was “URGENT: Go to this web site
> www.rjdesigns.co.uk/cool/” (or something very close
> to that). The strange thing is that this user SWEARS
> that he never clicked on the link but our logs show his
> computer attempted to access that web site. Luckily
> the site was down, possibly couldn’t handle the load.
> Does anyone know of an exploit that combined with
> the MSN exploit could redirect to a web site without
> the users knowledge or action?
>
> I'm concerned that eventually someone "smart" is
> going to build a nimda like cocktail of MSN, IE and
> other exploits that will spread faster than any virus
> we’ve seen yet. Can anyone say ARIS ThreatCon 4?

  Well it certainly is not inconceivable that someone will
do the equivalent of mouse-over triggers and release a
plague.. :-{ iThat is if they are not doing that already.
Pick a technology that is mouse over interactive and
there is potential issues.

Best Regards,
dreamwvr@dreamwvr.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com



Relevant Pages

  • Re: Google Begs for More Spam Reports
    ... MSN for example, ... wheeras I had pushed the limits on a web site and the web site dropped to ... quality results that exist for the keyphrase search. ...
    (alt.internet.search-engines)
  • hacker??
    ... >taken over MSN and our Internet Explorer. ... >tools then internet options and switching there, ... >for any other web site, ...
    (microsoft.public.security.virus)
  • Re: Can;t acces secure sites
    ... Troubleshoot Situations Where You Cannot Complete MSN Sign-up pr Connect to SSL ... Secure Web Site ... > Heyll i been trying to acces hotmail or any other sites wiht security any help ...
    (microsoft.public.windowsupdate)
  • RE: Preventing MSN becoming my home page - URGHH! I hate MSN for this !!
    ... info into your modem connect settings and use a different ... entry that MSN ... >any web site to be my home page. ... >over my browser. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: blaster worm??
    ... Try your secure sites. ... Troubleshoot Situations Where You Cannot Complete MSN Sign-up pr Connect to ... SSL Secured Web Sites by Using Internet Explorer in Windows XP ... on a Secure Web Site ...
    (microsoft.public.windowsxp.security_admin)