Re: Yet another Mass e-mail worm TM - Gibe-F/Swen-A - E-mail from Microsoft

From: Davorin Vlahovic (A-Burn_at_fly.srk.fer.hr)
Date: 09/20/03

  • Next message: Davorin Vlahovic: "Re: Yet another Mass e-mail worm TM - Gibe-F/Swen-A - E-mail from Microsoft" 
    Date: Sat, 20 Sep 2003 10:01:19 +0000 (UTC)

    In article <vmnast33riem31@corp.supernews.com>, Dave wrote:
    > "Rev Turd Fredericks" <turdfred@catholic.org> wrote in message
    > news:PM0003C7B79D9EA844@dhcppc2.reshsg.uci.edu...
    >>
    >> My wife got the msblast virus merely by
    >> turning off her firewall to play a game.
    >
    > Microsoft advocates are claiming that XP is just as secure as Linux,

    I'm not even sure they can read.

    > that
    > you can't get a virus without doing something stupid, like clicking on an
    > email attachement.

    They have no clue.

    > I've also heard that msblast can infect a computer without *any* user
    > interaction.

    That is correct.

    > I was told this by a system administrator who takes care of
    > hundreds of Windows workstations. I asked him what network services were
    > running on the computers (telnet, ftp, etc.) and he said none. The virus
    > can apparently propagate with just the basic network communication
    > protocols.

    It does buffer-overflow. Finds a port open (one of RPC), and just
    enter in the buffer a bunch of crap, then insert some i80x86 machine
    code, and jumps to it. The code executes and does it's magic. No
    user-interaction needed. 

    -- 
"The Justice Department has started investigations into the virus
monopoly by Microsoft."
  • Next message: Davorin Vlahovic: "Re: Yet another Mass e-mail worm TM - Gibe-F/Swen-A - E-mail from Microsoft"
    • Quantcast