Mordel's Bar & Grill
What virus is this? Does anyone know?
Post new topic   Reply to topic    Mordel's Bar & Grill Forum Index » General Off Topic
View previous topic :: View next topic  
Author Message
Nightmare
Lyran Alliance
Kommandant-General
Kommandant-General


Joined: 03-May-2002 00:00
Posts: 2214
PostPosted: 18-Sep-2003 17:33    Post subject: What virus is this? Does anyone know? Reply to topic Reply with quote
I received a mail with the following text and an attachment (that I haven't opened):

Microsoft Partner

this is the latest version of security update, the "September 2003, Cumulative Patch" update which fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three new vulnerabilities. Install now to help protect your computer from these vulnerabilities, the most serious of which could allow an malicious user to run code on your computer. This update includes the functionality of all previously released patches.


System requirements Windows 95/98/Me/2000/NT/XP
This update applies to MS Internet Explorer, version 4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later
Recommendation Customers should install the patch at the earliest opportunity.
How to install Run attached file. Choose Yes on displayed dialog box.
How to use You don't need to do anything after installing this item.

Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us.

Thank you for using Microsoft products.

Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies.

--------------------------------------------------------------------------------
The names of the actual companies and products mentioned herein are the trademarks of their respective owners.

Contact Us | Legal | TRUSTe
©2003 Microsoft Corporation. All rights reserved. Terms of Use | Privacy Statement | Accessibility


The message claims to be a "MS security update", but when I check the source it's not even sent from the US. Does anyone know what virus or other malware is sent out with these mails? Here's the source:



Received: via tmail-2003a for lizard1.0; Thu, 18 Sep 2003 23:55:53 +0300 (EEST)
Received: from fe08.mail.jippii.net (fe08.mail.jippii.net [195.197.172.109])
by be2.mail.jippii.net (Postfix) with ESMTP id 41518269F
for ; Thu, 18 Sep 2003 23:55:53 +0300 (EEST)
Received: from syrius.2gim.zory.pl (ppp245.gorzow.tpnet.pl [195.116.254.245])
by fe08.mail.jippii.net (8.12.10/8.12.1) with ESMTP id h8IL4DUU025044
for ; Fri, 19 Sep 2003 00:04:14 +0300
Received: from wilzpy (pa174.zory.sdi.tpnet.pl [217.96.208.174])
by syrius.2gim.zory.pl (8.12.5/8.12.5) with SMTP id h8IKVlgn010733;
Thu, 18 Sep 2003 22:31:47 +0200
Date: Thu, 18 Sep 2003 22:31:47 +0200
Message-Id: <200309182031.h8IKVlgn010733@syrius.2gim.zory.pl>
From: "Microsoft Internet Security Center"
To: "MS Partner"
SUBJECT: Latest Internet Critical Patch
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="fdbslrpxb"
Status: RO



_________________
A tree fall in the forest, and no one is around, and it hits a mime. Does anyone care?
Back to top View profile Send site message
Mordel
Mordel.Net
Administrator
Administrator


Joined: 03-Feb-2002 00:00
Posts: 6061
Location: United States
PostPosted: 18-Sep-2003 22:28    Post subject: RE: What virus is this? Does anyone know? Reply to topic Reply with quote
Got a bunch of 'em, but opted not to click on the Executable that came with it. I'm thinking that was a smart idea.

_________________
Mordel Blacknight - Site Administrator
Back to top View profile Send site message Send e-mail Visit website Facebook Username Twitter Username Steam Custom URL
Nightmare
Lyran Alliance
Kommandant-General
Kommandant-General


Joined: 03-May-2002 00:00
Posts: 2214
PostPosted: 19-Sep-2003 01:21    Post subject: RE: What virus is this? Does anyone know? Reply to topic Reply with quote
Certainly is.

I actually feel stupid for asking about the thing first. Once I retreived the newest update for my mailscan it identified the worm immediately, and started killing those mails. It's called WORM_SWEN.A, exploits a hole in unpatched MS IE (surprise!) and starts mailing out more of itself. If you've got the 2nd IE service pack the worm can't infect your system. If not, check your favorite anti-virus vendor.

_________________
A tree fall in the forest, and no one is around, and it hits a mime. Does anyone care?
Back to top View profile Send site message
Hardware
Clan Ghost Bear
Star Colonel
Star Colonel


Joined: 04-Feb-2002 00:00
Posts: 605
Location: United States
PostPosted: 19-Sep-2003 14:04    Post subject: RE: What virus is this? Does anyone know? Reply to topic Reply with quote
This is the swen virus. It installs if you click on the "yes" or "no" option. Although there is no visible indication if you click no.

There are patches available to defeat the exploit already.

_________________
The more I get to know people the more I like my dog.

Back to top View profile Send site message
Rarich
Federated Suns
Leftenant General
Leftenant General


Joined: 05-Feb-2002 00:00
Posts: 991
Location: United States
PostPosted: 20-Sep-2003 12:00    Post subject: RE: What virus is this? Does anyone know? Reply to topic Reply with quote
I am impressed, someone beats the press by about 36 hours, and someone has an answer for it! It hit yahoo news this morning, let's see when CNN or Fox get to it.

_________________
Duct tape is like the force. It has a light side & a dark side, and strings also lie under it all.

Life is a sexually transmitted terminal disease.
Back to top View profile Send site message
Motown Scrapper
Clan Ice Hellions
Galaxy Commander
Galaxy Commander


Joined: 24-Jul-2003 00:00
Posts: 2074
Location: United States
PostPosted: 20-Sep-2003 14:08    Post subject: RE: What virus is this? Does anyone know? Reply to topic Reply with quote
Quote:

On 2003-09-20 12:00, Rarich wrote:
I am impressed, someone beats the press by about 36 hours, and someone has an answer for it! It hit yahoo news this morning, let's see when CNN or Fox get to it.
Mordels News Service, MNS we get it first

_________________
Having more fun than a human being should be allowed to have-Rush Limbaugh www.rushlimbaugh.com

Force of nature

Still crazy after all these years
Back to top View profile Send site message Send e-mail
Hardware
Clan Ghost Bear
Star Colonel
Star Colonel


Joined: 04-Feb-2002 00:00
Posts: 605
Location: United States
PostPosted: 20-Sep-2003 22:38    Post subject: RE: What virus is this? Does anyone know? Reply to topic Reply with quote
Quote:

On 2003-09-20 14:08, Motown Scrapper Mordels News Service, MNS we get it first


Actually we beat up the other guy and take it from him. But that's just a quibble. No matter how you slice it we still get it first.

_________________
The more I get to know people the more I like my dog.

Back to top View profile Send site message
Display posts from previous:
Post new topic   Reply to topic    Mordel's Bar & Grill Forum Index » General Off Topic All times are GMT-05:00

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
 
"There are no warlike people, just warlike leaders." - Ralph Bunche
Copyright © 1995-2024 Scott Bukoski. All rights reserved.
BattleTech, 'Mech, BattleMech, MechWarrior, CityTech, BattleForce, and AeroTech
are registered trademarks of The Topps Company, Inc. © 2024 The Topps Company, Inc., All rights reserved.
Code Release 2.24.13.1 (2024-09-02T12:46:23-04:00)