Re: VIRUS ATTACHED to an Email FROM MICROSOFT ! ! !

From: Alun Jones [MS MVP] (alun_at_texis.com)
Date: 11/11/03 

Date: Tue, 11 Nov 2003 13:23:15 GMT

In article <0a3601c3a7ac$071b50b0$a501280a@phx.gbl>, "Art Chakalis"
<anonymous@discussions.microsoft.com> wrote:
>I tried to e-mail and/or phone Microsoft without success.
>These boys really don't want to hear from anyone except on
>their terms. Microsoft, don't phone/email me on this one
>as I will treat you in kind and ignore you (I REALLY need
>to begin to take Linux seriously)!

If you want Microsoft to reverse roles with you, they'll have to call you
and complain about something that isn't your fault, and that you have no
control over.

Swen is a virus. You get infected by the virus by believing that the email
comes from Microsoft, and clicking to run the attached executable, which the
email portrays as a patch of some kind. Obviously, it's no such thing, and
it doesn't come from Microsoft, it comes from other infected users.

The way you get sent the virus is because the virus picks up email addresses
from a number of sources - files on the infected person's hard-drive
(address books, emails, that sort of thing), or from headers in newsgroup
postings. I'll get a pile more of Swens sent my way as a result of this
message, and you appear to be aware of this because you've chosen to use an
anonymous posting address in your post.

In much the same way as you can use crayon or felt-tip to write any address
in the top-left-hand corner of your snail-mail envelopes, even if you're not
actually from that address, you can similarly put any verbiage you like in
the "From" header.

Note, first, that switching to Linux will _not_ save you from the flood of
Swens. Changing your email, and never ever giving that email out, might do
that for you. But then, there's not much point of getting email if noone
knows the address. Switching operating systems might save you from being
infected by Swen, because even if you try to get Linux to run the alleged
patch file, it probably won't (unless you've got a Windows emulator
installed, perhaps!)

This particular virus doesn't exploit any vulnerabilities in the operating
system. It requires only that it be read, and acted on, by people too naive
to realise that it's a virus. It doesn't use any extra privileges that an
ordinary user wouldn't have, and it doesn't need to be patched away, because
it's not using any bugs. What it needs is for people to pay attention to
what they are doing, and think before opening attachments. As such, of
course, this particular virus' concept would work just as well on Linux, or
indeed any OS that allows people to use it without checking their level of
ability, knowledge, or gullibility.

Tell me again, why you think it'd be a good idea to switch...

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.] 

-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | alun@texis.com.
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.

Relevant Pages

  • Re: A question for the group
    ... >>unintentionally downloaded a virus which is capable of doing this? ... and means you are running a flavor of Microsoft Windows ... >home" and either download something from father bill, ... When I bought my computer, about a year ago, it had a Linux operating system ...
    (sci.electronics.design)
  • Re: Antivirus in FC3?
    ... >> IMHO, if you can stop a virus or trojan or whatever, do it. ... > reason we have viruses is because management is tied to Microsoft. ... Sure, as Linux comes to even more desktops, there's a better chance ...
    (Fedora)
  • Re: trojan.narat
    ... There are 5000 copies of Linux installed, ... kinda reminded me of early Windows Version. ... For me, I don't really have any problems with Microsoft or their products, I ... >> virus and it kept coming back. ...
    (microsoft.public.security.virus)
  • Re: Linux is the favourite hacker target
    ... > huge attack surface. ... I think that it may be possible that Linux gets more "attempts at writing ... The thing is that Microsoft gets more "succesful ... attempts at writing a virus" than Linux. ...
    (comp.os.vms)
  • Blank Pages on Virus & Window Patches Pages
    ... In Norman Virus Control the following message comes us. ... Dear Windows Support ... From: Microsoft Australia Product Support ... please use the System Configuration Utility. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
Quantcast