Looper's Delight Archive Top (Search)
Date Index
Thread Index
Author Index
Looper's Delight Home
Mailing List Info

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Date Index][Thread Index][Author Index]

Fw: [ VIRUS WARNING ] - Worm/Gibe - 03/12/2002



URGENT, Don't open this attachment if you get it. It is a virus disguised 
as
a Security Update from MICROSOFT. I received it 3X this morning 3/12/02. It
ISW NOT A LEGITIMATE SECURITY UPDATE FROM MICROSOFT. Do not open and run 
the
attachment. Delete the e-mail and all of it's contents. Thank you for
listening !!!
BC

Description:
------------
Worm/Gibe is an Internet worm that attempts to spread through e-mail by
using addresses it collects in the Microsoft Outlook Address Book. It
disguises itself as a legitimate Microsoft Security Update.

----- Original Message -----
From: "Central Command News" <listmanager@cclistserver.com>
To: <news@cclistserver.com>
Sent: Tuesday, March 12, 2002 7:19 AM
Subject: [ VIRUS WARNING ] - Worm/Gibe - 03/12/2002


>
> CENTRALCOMMAND.COM Newsletter
> Without us, there's no defense.T
>
> You are receiving this news letter because you are a subscriber
> to the Central Command News mailing list.
>
> **| DON'T WAIT TO BE A VIRUS VICTIM! |**
> Another virus outbreak can happen anytime! Don't wait to be a
> victim of a computer virus attack, get Vexira Antivirus today.
> Vexira Antivirus starts at only $49.95! Buy now:
> http://store.centralcommand.com
>
> Central Command is issuing a VIRUS WARNING for Worm/Gibe due to
> increased virus reports to our technical support department.
> Central Command discovered this Internet worm on March 4, 2002
> and Vexira Antivirus has been updated to detect and stop this
> Internet worm.
>
> Details:
>
> Name: Worm/Gibe
> Alias: Win32.Gibe@mm
> Type: Internet Worm
> Discovered: 04-03-2002
> Size: ~122.9KB
> ITW: Yes
>
> Description:
>
> Worm/Gibe is an Internet worm that attempts to spread through
> e-mail by using addresses it collects in the Microsoft Outlook
> Address Book. It disguises itself as a legitimate Microsoft
> Security Update.
>
> The worm would arrive through e-mail in the following format:
>
> Subject: Internet Security Update
>
> Body: Microsoft Customer,
>
> this is the latest version of security update, the update which
> eliminates all known security vulnerabilities affecting Internet
> Explorer and MS Outlook/Express as well as six new
> vulnerabilities, and is discussed in Microsoft Security Bulletin
> MS02-005. Install now to protect your computer from these
> vulnerabilities, the most serious of which could allow an
> attacker to run code on your computer.
>
> Description of several well-know vulnerabilities:
>
> - "Incorrect MIME Header Can Cause IE to Execute E-mail
> Attachment" vulnerability. If a malicious user sends an affected
> HTML e-mail or hosts an affected e-mail on a Web site, and a user
> opens the e-mail or visits the Web site, Internet Explorer
> automatically runs the executable on the user's computer.
>
> - A vulnerability that could allow an unauthorized user to learn
> the location of cached content on your computer. This could
> enable the unauthorized user to launch compiled HTML Help (.chm)
> files that contain shortcuts to executables, thereby enabling the
> unauthorized user to run the executables on your computer.
>
> - A new variant of the "Frame Domain Verification" vulnerability
> could enable a malicious Web site operator to open two browser
> windows, one in the Website's domain and the other on your local
> file system, and to pass information from your computer to the
> Web site.
>
> - CLSID extension vulnerability. Attachments which end with a
> CLSID file extension do not show the actual full extension of the
> file when saved and viewed with Windows Explorer. This allows
> dangerous file types to look as though they are simple, harmless
> files - such as JPG or WAV files - that do not need to be
> blocked.
>
> System requirements:
> Versions of Windows no earlier than Windows 95.
>
> This update applies to:
> Versions of Internet Explorer no earlier than 4.01
> Versions of MS Outlook no earlier than 8.00
> Versions of MS Outlook Express no earlier than 4.01
>
> How to install:
> Run attached file q216309.exe
>
> How to use:
>
> You don't need to do anything after installing this item.
>
> For more information about these issues, read Microsoft Security
> Bulletin MS02-005, or visit link below....
>
> If you have some questions about this article contact us at
> rdquest12@microsoft.com
>
> Thank you for using Microsoft products.
>
> With friendly greetings,
> MS Internet Security Center.
>
> Attachment: q216309.exe
>
> Read a full virus description by clicking the link below:
>
http://support.centralcommand.com/cgi-bin/command.cfg/php/enduser/std_adp.ph
p?p_refno=020304-000001
>
>
> [ Subscription information ]
>
> Central Command, Inc. respects your online privacy. You at anytime
> can easily remove your e-mail address from the Central Command mailing
> list by entering in your e-mail address at the following web page:
> http://www.centralcommand.com/unsubscribe.html
>
> You will receive a confirmation message about your successful
> removal from News.
>
> [ Legal Notice and Disclaimer ]
>
> THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY.
>
> Disclaimer of warranties and limitation of liability
>
> This information is provided by Central Command, Inc. on an "AS IS"
> and "AS AVAILABLE" basis. Central Command, Inc. makes no
> representations or warranties of any kind, express or implied, as to
> the information, content, materials, or products included, or
> mentioned within this information bulletin. You expressly agree that
> your use of this information is at your sole risk. The user assumes
> the entire risk as to the accuracy and the use of this document.
>
> To the full extent permissible by applicable law, Central Command,
> Inc. disclaims all warranties, express or implied, including, but
> not limited to, implied warranties of merchantability and fitness
> for a particular purpose and freedom from infringement. Central
> Command, Inc. does not warrant that this information is accurate.
> Central Command, Inc. will not be liable for any damages of any kind
> arising from the use of this information, including, but not limited
> to direct, indirect, incidental, punitive, and consequential
> damages.
>
> Certain state laws do not allow limitations on implied warranties or
> the exclusion or limitation of certain damages. if these laws apply
> to you, some or all of the above disclaimers, exclusions, or
> limitations may not apply to you, and you might have additional
> rights.
>
> [ Copyrights and Trademarks ]
>
> Central Command, PerfectSupport, EVRT, Emergency Virus Response
> Team, Virus Protection for the Real World, Without us, there's no
> defense. are trademarks of Central Command Inc. All other
> trademarks, trade name and product names are property of their
> respective owners. Copyright © 2000, 2001, 2002  Central Command
> Inc. All rights reserved.