North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Possibly yet another MS mail worm

  • From: Rubens Kuhl Jr.
  • Date: Sat Feb 28 19:48:50 2004

> It's annoying how easily these things spread even though they don't rely
> a specific OS vulnerabililty -- hell, it's an executable *in a zipfile*,
> it requires opening the zipfile and then running the program inside it.
> course everyone will run it, even though it's named dygfwefuih.exe (random
> characters before .exe).  <grumble>

Being in a zipfile is exactly why these things work: most mail systems
nowadays drop executable attachments without mercy, but a zipfile may be a
compressed document. Not every mail system screen incoming messages with

People writing this worms don't know just a bit about human behaviour, they
seem to keep up with trends in mail systems administration as well.