[3109] in WWW Security List Archive
New and destructive word macro virus(3)
daemon@ATHENA.MIT.EDU (ivan)
Fri Sep 27 18:12:12 1996
Date: Fri, 27 Sep 1996 22:07:10 +0200
From: ivan <ivan@club-internet.fr>
Reply-To: ivan@club-internet.fr
To: www-security@ns2.rutgers.edu
CC: best-of-security@suburbia.net
Errors-To: owner-www-security@ns2.rutgers.edu
To members interested, especially these who e-mailed me a confirmation
to get a sample of the virus :
1) I was finally not allowed to disclose the source code of the virus to
individuals or companies interested in its analysis...
2) The virus is "a kind of" new only
- it is recognized but not fixed by Norton Anti Virus (code name
Indonesia, to be confirmed)
- it is recognized and "could be" fixed by Fprot, the new beta version
being tested (code name : bandoeng, to be confirmed)
- a member mentionned PCCILLLIN95 from http://www.trendmicro.com, to be
scrutinized
3) Thanks again for your numerous and kind answers, advices and
reactions. I suggest that you get in touch with these companies or any
other you know.
4) A member mentionned the mix of data/code that is a particular threat
to code-focused anti-virus products : i agree 100 %. See a javascript
nuisance demonstration by
Http://www.geocities.com/SiliconValley/9307/hackj.htm#mail.
5) I re-suggest to delete this thread from the newsgroup, with all my
excuses.
6) Nevertheless, i would be particularly interested in having your
real-life experiences with client-side security : even if a company does
not have a server but only allows employees to "surf" the web for info,
it exposes itself to threats (other than pure viruses) as
java/javascript/activex/PS/helper apps/... nuisance or "security risks".
To your mind which one is the worst ? Do you have examples and
coutermeasures ?
Regards
