Secunia - Virus Information - BAGLE.AF
This one is spreading significantly.
This is a mass-mailing worm with the following characteristics:
* contains its own SMTP engine to construct outgoing messages
* harvests email addresses from the victim machine
* the From: address of messages is spoofed
* attachment can be a password-protected zip file, with the password included in the message body.
* contains a remote access component (notification is sent to hacker)
* copies itself to folders that have the phrase shar in the name (such as common peer-to-peer applications; KaZaa, Bearshare, Limewire, etc)
* uses various mutex names selected from those W32/Netsky variants have used, in order to prevent those W32/Netsky variants running on infected machines.
Friday, July 16, 2004
Tuesday, July 13, 2004
Microsoft Security Bulletin Summary for July, 2004
Of these, two are Critical.
Microsoft Security Bulletin Summary for July, 2004
MS04-024: Vulnerability in Windows Shell Could Allow Remote Code Execution (839645) rated as: IMPORTANT http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx
MS04-023: Vulnerability in HTML Help Could Allow Code Execution (840315):
MS04-023
rated as: CRITICAL
http://www.microsoft.com/technet/security/bulletin/MS04-023.mspx
MS04-022: Vulnerability in Task Scheduler Could Allow Code Execution
(841873)
rated as: CRITICAL
http://www.microsoft.com/technet/security/bulletin/MS04-022.mspx
MS04-021: Security Update for IIS 4.0 (841373) rated as: IMPORTANT http://www.microsoft.com/technet/security/bulletin/MS04-021.mspx
MS04-020: Vulnerability in POSIX Could Allow Code Execution (841872) rated as: IMPORTANT http://www.microsoft.com/technet/security/bulletin/MS04-020.mspx
MS04-019: Vulnerability in Utility Manager Could Allow Code Execution
(842526)
rated as: IMPORTANT
http://www.microsoft.com/technet/security/bulletin/MS04-019.mspx
MS04-018: Cumulative Security Update for Outlook Express (823353) rated as: MODERATE http://www.microsoft.com/technet/security/bulletin/MS04-018.mspx
Microsoft Security Bulletin Summary for July, 2004
MS04-024: Vulnerability in Windows Shell Could Allow Remote Code Execution (839645) rated as: IMPORTANT http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx
MS04-023: Vulnerability in HTML Help Could Allow Code Execution (840315):
MS04-023
rated as: CRITICAL
http://www.microsoft.com/technet/security/bulletin/MS04-023.mspx
MS04-022: Vulnerability in Task Scheduler Could Allow Code Execution
(841873)
rated as: CRITICAL
http://www.microsoft.com/technet/security/bulletin/MS04-022.mspx
MS04-021: Security Update for IIS 4.0 (841373) rated as: IMPORTANT http://www.microsoft.com/technet/security/bulletin/MS04-021.mspx
MS04-020: Vulnerability in POSIX Could Allow Code Execution (841872) rated as: IMPORTANT http://www.microsoft.com/technet/security/bulletin/MS04-020.mspx
MS04-019: Vulnerability in Utility Manager Could Allow Code Execution
(842526)
rated as: IMPORTANT
http://www.microsoft.com/technet/security/bulletin/MS04-019.mspx
MS04-018: Cumulative Security Update for Outlook Express (823353) rated as: MODERATE http://www.microsoft.com/technet/security/bulletin/MS04-018.mspx
Monday, July 12, 2004
New Lovgate worm versions - complex and highly destructive
Check out this information on the latest versions of the Lovgate Worm
New Lovgate worm versions - complex and highly destructive
New Lovgate worm versions - complex and highly destructive
Sunday, July 04, 2004
US-CERT Cyber Security Alert SA04-184A -- Important Internet Explorer Update Available
Be careful using Internet Explorer until it is fully patched by Microsoft.
US-CERT Cyber Security Alert SA04-184A -- Important Internet Explorer Update Available
US-CERT Cyber Security Alert SA04-184A -- Important Internet Explorer Update Available
Subscribe to:
Posts (Atom)
