[LINK] The ZIP email and the PDF email

Rick Welykochy rick at praxis.com.au
Mon Jul 2 12:26:21 AEST 2007


Linkers,

I have been receiving two or three emails per day for months now
that contain a ZIP file attachment. I presume that this email exploits
known holes in older versions of WinZip and PKZIP (and perhaps GNU's unzip)
that give full access to the victim's machine.

Now I am seeing a similar number of emails with a PDF attachment.
Google turns up some mild PDF threats dated 2001.

Does anyone know if either of these emails is an attack, and if so
what the attack vector actually is?

I am curious about this since a PDF or ZIP vulnerability could easily
be exploited on any platform, not just Windows, and believe me Apple
has had its share of security updates in this area.

Of course, one would have to actually open the ZIP or PDF attachment
to become infected, but, hey, there are enough gullible suckers out
there, aren't there? But the effect of such an attack on Mac OS X or
Linux would be somewhat mitigated since the user is not (should not be)
running as the super user or Administrator.


cheers
rickw



-- 
_________________________________
Rick Welykochy || Praxis Services

Our enemies are innovative and resourceful, and so are we. They never stop thinking
about new ways to harm our country and our people, and neither do we.
      -- George W Bush, Washington DC, 20040805 (http://www.dubyaspeak.com/)


