[208] in Security FYI
[Security-fyi] Re: New worm activity
daemon@ATHENA.MIT.EDU (Bob Mahoney)
Wed Aug 20 16:12:31 2003
Mime-Version: 1.0
Message-Id: <p05200f10bb68005cfaa6@[66.93.190.33]>
In-Reply-To: <5.2.1.1.2.20030819110225.01a8c650@batespop.lns.mit.edu>
Date: Tue, 19 Aug 2003 12:32:23 -0400
To: Barbara Santorella <bsantore@mit.edu>
From: Bob Mahoney <bobmah@MIT.EDU>
Content-Type: text/plain; charset="us-ascii"
cc: Bob Mahoney <bobmah@mit.edu>
cc: Security Team <security-internal@mit.edu>
cc: security-fyi@mit.edu
cc: itpartners@mit.edu
Errors-To: security-fyi-bounces@mit.edu
At 11:03 AM -0400 8/19/03, Barbara Santorella wrote:
>Does anyone know if this is related to the large number of emails with virus attachments that we are receiving, despite having the 4287 dat files?
These are different situations.
We have the new RPC worm that targets the vulnerability described in MS03-026. (as well as older mechanisms still in action)
We have the new W32/Sobig.f worm.
We have a (thankfully small thus far) patch.exe spam that purports to be a critical IE fix from security@microsoft.com.
Sorry for any confusion. (When I started sending updates it was still a one-worm day...)
-Bob
_______________________________________________
Security-fyi mailing list
Security-fyi@mit.edu
http://mailman.mit.edu/mailman/listinfo/security-fyi
