[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Date Index][
Thread Index][
Author Index]
Fw: [ VIRUS WARNING ] - Worm/Gibe - 03/12/2002
- To: "Yann Geron" <yann@geronlaw.com>, yahoo-dev-null@yahoo-inc.com, "Wolf, Bill" <bill.wolf@ness-usa.com>, "William Mcallister" <BILLYBUDDHA@webtv.net>, "Wayne Krantz" <wk@waynekrantz.com>, "Tony & Sid" <tusm3@aol.com>, "Tommy Curran" <tommycurran@aol.com>, "Todd Klein" <tkleininc@aol.com>, "Tina Jänicke" <sales@native-instruments.de>, "The Virg" <teachk9999@aol.com>, "The Grockis" <thebipster@aol.com>, "Tamburro, Vincenzo" <vtamburro@ci.rye.ny.us>, "Susan Durfee" <sdurfee@burstmedia.com>, stopthemail@excite.com, "Steve Greenfield" <sgreenfield2@nyc.rr.com>, "Steve Durels" <steven.durels@slgreen.com>, "STEPHAN Metzger" <ivan4me@aol.com>, "Stephan Metzger" <knowsharks@aol.com>, "Stanley Pinska" <s.pinska@maypinska.com>, "Sean Portnoy" <grooves1200@yahoo.com>, "Scott Rees" <redloam@aol.com>, "Scott Lewis" <slewis@intellispace.net>, "Russ Zack" <ruzack@earthlink.net>, "Robert Oliver" <rcoliver@rcoliver.com>, "Rick Walker (loop.pool)" <GLOBAL@cruzio.com>, "René G. Ceballos" <rceballos@impsat1.com.ar>, Reaktor-list@yahoogroups.com, "Proof 151" <da_proof_151@hotmail.com>, playbacksi@earthlink.net, "Phil Marino" <philipmarino@yahoo.com>, "Peter Acker" <peterrba@aol.com>, "Paul Fraser" <paul@candidemedia.com>, "Patrick O'Donnell" <patrick@crazyape.com>, "Nontecbabe" <Nontecbabe@aol.com>, "Nikki Santucci" <Nikki@geronlaw.com>, "Neil Kessner" <neil.kessner@slgreen.com>, "Neil Doherty" <ndoherty@rfandl.com>, mmelancon@systemarts.com, mlambie@squest.com, mike@mesagrp.com, "Mike Zaccaro" <mzaccaro@werbelroth.com>, "Mike Levy" <MFLDVP@aol.com>, "Midge Nutman" <MNUTMAN@rosscohen.com>, "Michael Reynolds" <mreynolds@systemarts.com>, "Michael Rao" <mrao@werbelroth.com>, "Michael Levy" <mfldvp@hotmail.com>, "Michael LaMeyer" <m.lameyer@verizon.net>, "Michael L. Pearson" <nostrokes@worldnet.att.net>, mflorio@bestweb.net, "Matt Swenson" <mswenson@samash.com>, "Mary & Mike Lemoult" <mmlem85@aol.com>, "Mario De Ciutiis" <kat1993@aol.com>, "Marcy Kaye" <mkaye@bluebarn.com>, Madlove70@aol.com, LWawrzinek@aol.com, "Luis Bravo" <luisbravo@lafis.com.br>, "Lori Skjeveland" <Lori.A.Skjeveland@usa.xerox.com>, Loopers-Delight@loopers-delight.com, "Lisette Rodriguez" <Lissette@rhcrlaw.com>, "Lind, Jeffrey" <jefferylind@att.com>, "Lee Hopp" <Playbacksi@hotmail.com>, ldolce@edgeconnections.com, "Layne S. Frank" <laynef@netlineservice.com>, "Layne S Frank" <laynef@adifast.com>, "Lacardullo" <lacardullo@aol.com>, "Kris Sookraj" <ksookraj@intellispace.net>, "Koerner, Jonathan \[FI\]" <jonathan.koerner@ssmb.com>, "KEYS Cummings" <keys@mc2band.com>, "Kenny Lozano" <klozano@systemarts.com>, "Kenneth Roko" <Kroko@superstructures.com>, "Ken Bob Skjeveland" <ken.skjeveland@wcom.com>, "Kelly Chan" <kelly@fuwahtoys.com>, "Keith Cody" <keicod@iesg.com>, "Katrina Cockerham" <kcockerham@sencor.net>, "Karl Andren" <ka183@columbia.edu>, "Karen Savage Goldman" <turnintoapizza@aol.com>, "Julie Condy" <jcondy@planningcentral.com>, "Josh Sinel" <jsinel@bluebarn.com>, "Josh Goldman (E-mail)" <jaglpr@aol.com>, "Josephine Ng" <jong@segan.com>, "JONNAMC" <JONNAMC@aol.com>, "John Margaritis" <jmarg6@aol.com>, "John Kosa" <fishingjk@aol.com>, "John Koerner" <thekoerners@earthlink.net>, "John Kelly" <JKelly6045@aol.com>, "John Holston" <john@seersystems.com>, "John Cahill" <jcahill@wpginc.com>, joanne24@jhmanage.com, "Joanne S. Fryer" <Jsf22@aol.com>, jmoore@samash.com, JGregg8877@aol.com, "Jessica" <dunlop54@aol.com>, "Jeremy Bier" <jeremy.bier@slgreen.com>, "Jeff Reich" <reich@whafh.com>, "JComp" <JComp@G2X.COM>, "Jason Sawyer (Electrix)" <jason@electrixpro.com>, "Jane Porges" <jane.porges@aexp.com>, "Jack Heffernan" <Jackheff@aol.com>, "ira adler" <iradler18@aol.com>, info@dgilmore.com, "IK Multimedia Tech Support Staff" <support@ikmultimedia.com>, HarryEsq@aol.com, "Gregg Z. Bonura" <zbonura@yahoo.com>, "Gregg Winter" <gregg@winterandcompany.com>, "Gregg Schenker" <gschenker@murrayhill.com>, "Gregg Saver" <jsaver@ssbb.com>, "Greg Bonura" <gbonura@findnycoffice.com>, "Gordon Tapper" <tapper@un.org>, GMSDRUM@aol.com, "George Martel" <gmartel@sencor.net>, gabat@samash.com, "Frank Haines" <bass3a@aol.com>, FOREDRUMN@aol.com, "Firinn Taisdeal" <firinn@06880.org>, farida@rebny.com, "Erica Briggs" <contact@iriveramerica.com>, "Eric Reinken" <Reinken@erols.com>, "Eric Hirsch" <EHirsch@murrayhill.com>, drumkat@yahoogroups.com, drumkat@egroups.com, "Doug Jones" <aaaamericanflag@mindspring.com>, "Doug Goldblatt" <dgoldblatt@winstar.com>, "Devine, Connie \[BUC/Danbury\]" <CDevine@bransonultrasonics.com>, "DeLucia, Darrin" <ddelucia@TULLIB.COM>, "DeBonis, Marie K. N." <MKNDeBonis@bingham.com>, "David J Ellis" <DavidEllis@aol.com>, "Dave Kanbar" <dkanbar@email.com>, "Dave & Robin Klein" <Willsjake@aol.com>, "Daniel Ash (work)" <dash@us.ibm.com>, "Daniel Ash (home)" <danash@attglobal.net>, "Dan Oglevee" <dano@gomail.net>, "Customer Service Email Team - Ohio" <CServeOH@kable.com>, "Customer Service" <magic@powerquest.com>, "Cubase Customer Support" <support@steinberg-na.com>, "Cousin Nancy Alligood-Ellis" <warwicktvl@erols.com>, "Cornelius Curry" <8888487559@skytel.com>, "Connie Rossi" <gioglio@juno.com>, "Clifford@BienAppraisers" <res0koq3@verizon.net>, "Cheryl Medford" <cmedford@bluebarn.com>, "Cecile P Tucci" <cecile.p.tucci@ssmb.com>, CCarlson@bransonultrasonics.com, "Carol Lynn Smith" <carol@creativesourceinc.com>, Bvila@aol.com, "Bruce Bronson" <hbbronson@hotmail.com>, "Brian Smalley" <bsmalley@mandtbank.com>, "Brian Cummings" <Brian_Cummings@yahoo.com>, "Bobby DEAL Seidenberg" <MRBLUE1111@aol.com>, "Bobby Boy Cummings" <rcummings@amben.com>, bob@tranlog.com, "Bob Tolve" <btolve@speakeasy.net>, "Bob (home e mail) Cummings" <bobcumcfp@attbi.com>, billcumm@jhmanage.com, "Bill Cummings" <drums@myself.com>, "Bill Cummings" <billcumm@sprynet.com>, "Bennett Killmer" <bennett@redconnect.net>, barbara@wintersearch.net, "Barbara Gregory" <bjgregory@aol.com>, "Barbara Eisenstadt" <Beisenstadt@murrayhill.com>, "Barbara Edelman" <barb@hvi.net>, "Artie Shear" <valshear@aol.com>, "AMY" <amycummings@mindspring.com>, "Aldo Mazza" <kosa@istar.ca>, afrazier@samash.com, "Adam Lauzar" <klauzar@aol.com>
- From: billcumm@jhmanage.com
- Subject: Fw: [ VIRUS WARNING ] - Worm/Gibe - 03/12/2002
- Date: Tue, 12 Mar 2002 12:20:22 -0600
URGENT, Don't open this attachment if you get it. It is a virus disguised
as
a Security Update from MICROSOFT. I received it 3X this morning 3/12/02. It
ISW NOT A LEGITIMATE SECURITY UPDATE FROM MICROSOFT. Do not open and run
the
attachment. Delete the e-mail and all of it's contents. Thank you for
listening !!!
BC
Description:
------------
Worm/Gibe is an Internet worm that attempts to spread through e-mail by
using addresses it collects in the Microsoft Outlook Address Book. It
disguises itself as a legitimate Microsoft Security Update.
----- Original Message -----
From: "Central Command News" <listmanager@cclistserver.com>
To: <news@cclistserver.com>
Sent: Tuesday, March 12, 2002 7:19 AM
Subject: [ VIRUS WARNING ] - Worm/Gibe - 03/12/2002
>
> CENTRALCOMMAND.COM Newsletter
> Without us, there's no defense.T
>
> You are receiving this news letter because you are a subscriber
> to the Central Command News mailing list.
>
> **| DON'T WAIT TO BE A VIRUS VICTIM! |**
> Another virus outbreak can happen anytime! Don't wait to be a
> victim of a computer virus attack, get Vexira Antivirus today.
> Vexira Antivirus starts at only $49.95! Buy now:
> http://store.centralcommand.com
>
> Central Command is issuing a VIRUS WARNING for Worm/Gibe due to
> increased virus reports to our technical support department.
> Central Command discovered this Internet worm on March 4, 2002
> and Vexira Antivirus has been updated to detect and stop this
> Internet worm.
>
> Details:
>
> Name: Worm/Gibe
> Alias: Win32.Gibe@mm
> Type: Internet Worm
> Discovered: 04-03-2002
> Size: ~122.9KB
> ITW: Yes
>
> Description:
>
> Worm/Gibe is an Internet worm that attempts to spread through
> e-mail by using addresses it collects in the Microsoft Outlook
> Address Book. It disguises itself as a legitimate Microsoft
> Security Update.
>
> The worm would arrive through e-mail in the following format:
>
> Subject: Internet Security Update
>
> Body: Microsoft Customer,
>
> this is the latest version of security update, the update which
> eliminates all known security vulnerabilities affecting Internet
> Explorer and MS Outlook/Express as well as six new
> vulnerabilities, and is discussed in Microsoft Security Bulletin
> MS02-005. Install now to protect your computer from these
> vulnerabilities, the most serious of which could allow an
> attacker to run code on your computer.
>
> Description of several well-know vulnerabilities:
>
> - "Incorrect MIME Header Can Cause IE to Execute E-mail
> Attachment" vulnerability. If a malicious user sends an affected
> HTML e-mail or hosts an affected e-mail on a Web site, and a user
> opens the e-mail or visits the Web site, Internet Explorer
> automatically runs the executable on the user's computer.
>
> - A vulnerability that could allow an unauthorized user to learn
> the location of cached content on your computer. This could
> enable the unauthorized user to launch compiled HTML Help (.chm)
> files that contain shortcuts to executables, thereby enabling the
> unauthorized user to run the executables on your computer.
>
> - A new variant of the "Frame Domain Verification" vulnerability
> could enable a malicious Web site operator to open two browser
> windows, one in the Website's domain and the other on your local
> file system, and to pass information from your computer to the
> Web site.
>
> - CLSID extension vulnerability. Attachments which end with a
> CLSID file extension do not show the actual full extension of the
> file when saved and viewed with Windows Explorer. This allows
> dangerous file types to look as though they are simple, harmless
> files - such as JPG or WAV files - that do not need to be
> blocked.
>
> System requirements:
> Versions of Windows no earlier than Windows 95.
>
> This update applies to:
> Versions of Internet Explorer no earlier than 4.01
> Versions of MS Outlook no earlier than 8.00
> Versions of MS Outlook Express no earlier than 4.01
>
> How to install:
> Run attached file q216309.exe
>
> How to use:
>
> You don't need to do anything after installing this item.
>
> For more information about these issues, read Microsoft Security
> Bulletin MS02-005, or visit link below....
>
> If you have some questions about this article contact us at
> rdquest12@microsoft.com
>
> Thank you for using Microsoft products.
>
> With friendly greetings,
> MS Internet Security Center.
>
> Attachment: q216309.exe
>
> Read a full virus description by clicking the link below:
>
http://support.centralcommand.com/cgi-bin/command.cfg/php/enduser/std_adp.ph
p?p_refno=020304-000001
>
>
> [ Subscription information ]
>
> Central Command, Inc. respects your online privacy. You at anytime
> can easily remove your e-mail address from the Central Command mailing
> list by entering in your e-mail address at the following web page:
> http://www.centralcommand.com/unsubscribe.html
>
> You will receive a confirmation message about your successful
> removal from News.
>
> [ Legal Notice and Disclaimer ]
>
> THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY.
>
> Disclaimer of warranties and limitation of liability
>
> This information is provided by Central Command, Inc. on an "AS IS"
> and "AS AVAILABLE" basis. Central Command, Inc. makes no
> representations or warranties of any kind, express or implied, as to
> the information, content, materials, or products included, or
> mentioned within this information bulletin. You expressly agree that
> your use of this information is at your sole risk. The user assumes
> the entire risk as to the accuracy and the use of this document.
>
> To the full extent permissible by applicable law, Central Command,
> Inc. disclaims all warranties, express or implied, including, but
> not limited to, implied warranties of merchantability and fitness
> for a particular purpose and freedom from infringement. Central
> Command, Inc. does not warrant that this information is accurate.
> Central Command, Inc. will not be liable for any damages of any kind
> arising from the use of this information, including, but not limited
> to direct, indirect, incidental, punitive, and consequential
> damages.
>
> Certain state laws do not allow limitations on implied warranties or
> the exclusion or limitation of certain damages. if these laws apply
> to you, some or all of the above disclaimers, exclusions, or
> limitations may not apply to you, and you might have additional
> rights.
>
> [ Copyrights and Trademarks ]
>
> Central Command, PerfectSupport, EVRT, Emergency Virus Response
> Team, Virus Protection for the Real World, Without us, there's no
> defense. are trademarks of Central Command Inc. All other
> trademarks, trade name and product names are property of their
> respective owners. Copyright © 2000, 2001, 2002 Central Command
> Inc. All rights reserved.