North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: in case nobody else noticed it, there was a mail worm released today
Please pardon my ignorance, but I am *mightily* confused. In a message from Michel Py is the following: <snip> > > > > and ISTR one patch for Outlook 2000 that blocked > > your ability to save executables was released) > > It default in Outlook XP and Outlook 2003, which has prompted large > numbers of persons to download Winzip, which as not stopped worms to be > propagated as you pointed out. > > Michel. The bit I don't get is how a zip file is created such that launching it invokes winzip and then executes the malware. When I open a normal .zip file, winzip opens a pane that shows me the contents. After that I can extract a file or I can "doubleclick" on a file to open it - which if it is executable will cause it to execute. I haven't seen a case where simply opening a zip archive causes execution of something in its contents unless it is a self extracting archive in which case it unzips and executes, but doesn't have the .zip suffix. Would anyone explain to me how this occurs (and if RTFM with a pointer to the M is the best way, then so be it!) Thanks in advance Chris
|