Return-Path: <sentto-279987-4183-1009984333-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 02 Jan 2002 07:13:08 -0800 (PST) Received: (qmail 23547 invoked by uid 510); 2 Jan 2002 15:12:11 -0000 Received: from n25.groups.yahoo.com (216.115.96.75) by all.net with SMTP; 2 Jan 2002 15:12:11 -0000 X-eGroups-Return: sentto-279987-4183-1009984333-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.191] by n25.groups.yahoo.com with NNFMP; 02 Jan 2002 15:11:06 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_1_3); 2 Jan 2002 15:12:12 -0000 Received: (qmail 23806 invoked from network); 2 Jan 2002 15:12:12 -0000 Received: from unknown (216.115.97.171) by m5.grp.snv.yahoo.com with QMQP; 2 Jan 2002 15:12:12 -0000 Received: from unknown (HELO red.all.net) (12.232.125.69) by mta3.grp.snv.yahoo.com with SMTP; 2 Jan 2002 15:12:12 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g02FCG117000 for iwar@onelist.com; Wed, 2 Jan 2002 07:12:16 -0800 Message-Id: <200201021512.g02FCG117000@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 2 Jan 2002 07:12:16 -0800 (PST) Subject: [iwar] [fc:Email.worm.eats.security.software] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Email worm eats security software By John Leyden Posted: 02/01/2002 at 11:30 GMT Computer users returning after the New Year break are in danger from the latest mass mailing email worms. The ZaCker (or Maldal.D) worm can delete antivirus software protection and a variety of critical system files from the PCs of unwary users. Typically, the mass mailing worm arrives by email with the subject line ZaCker and an executable, infected attachment which weighs in at 27KB. It uses Outlook to spread itself to everybody in the Outlook address book. More information about ZaCker can be found here. Over the holidays another mass mailer, called Sheer.A (or Zoher) did the rounds. This takes advantage of an IE exploit which means an infected attachment could be opened simply by reading or previewing a message. MessageLabs, a managed services firm which scans its users emails for viruses, reports blocking 8,573 copies of the virus over the holidays. More information on Sheer.A can be found here. Antivirus vendors advise users to update antiviral protection in order to thwart the spread of both worms. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Tiny Wireless Camera under $80! Order Now! FREE VCR Commander! Click Here - Only 1 Day Left! http://us.click.yahoo.com/WoOlbB/7.PDAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:02 PST