[21600] in bugtraq
RE: MALWARE HOAX FW: Microsoft Security Bulletin MS01-039
daemon@ATHENA.MIT.EDU (Kuo, Jimmy)
Wed Jul 18 11:53:34 2001
Message-ID: <C99EFEE03D87D411AB67001083F9DD4614E3B2@BEA-82-216.nai.com>
From: "Kuo, Jimmy" <Jimmy_Kuo@nai.com>
To: "'Editor InfoGuerra'" <editor@infoguerra.com.br>,
bugtraq@securityfocus.com
Date: Tue, 17 Jul 2001 15:40:38 -0700
MIME-Version: 1.0
Content-Type: text/plain
> editor@infoguerra.com.br thought he was helping by writing:
>
>Microsoft has released a warning about this bogus bulletin. You can find it
>at http://www.microsoft.com/technet/itsolutions/security/news/bogus.asp
>The message with de bogus bulletin carries a variant of the Leave worm, as
>described by Symantec at
>http://www.symantec.com/avcenter/venc/data/w32.leave.b.worm.html
But that's a different Leave variant, the previous attack. Today's issue is
Leave.F or .G, depending on who you talk to.
(Note Symantec's description is dated July 10 for something discovered on
July 9 for a 76800 size file.)
The current attack is with a 67844 size file.
Jimmy
