[LINK] Current Virus Flurry
Rick Welykochy
rick@praxis.com.au
Wed, 06 Nov 2002 13:30:38 +1100
Roger Clarke wrote:
> The cause appears to have been a new variant of a virus. It was
> catalogued by virus-watchers as early as November 4, 2002 01:11:28
> PM PST:
> http://www.symantec.com/avcenter/venc/data/w32.brid.a@mm.html
Reading more on the exploit used to propogate this virus at
<http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp> ...
"Would IE always execute the attachment?
No. IE would only execute the attachment if File Downloads were enabled in the Security Zone
that the e-mail was opened in. However, File Downloads are enabled in all zones by default."
In other words, the correct answer is "Yes". Here is an email virus that will,
by default, execute and spread its malicious cargo. The Symantec writeup on the
virus mentions that the machine can be become unstable and crash.
cheers
rickw
--
_________________________________
Rick Welykochy || Praxis Services
The superior man understands what is right; the inferior man understands
what will sell.
-- Confucius