| Subject: | Recent spate of OBRA emails with viruses... |
| Date: | 06/26/2003 02:52 AM |
| From: | jo-@aracnet.com |
|
OBRA-land, I have trapped a few emails with a virus known as JS/Fortnight@M virus. According to McAfee (www.mcafee.com), this is a low-risk virus for both home and corporate users. It is an internet worm, similar to Melissa or CodeRed. Here is the information from McAfee: "This script virus resides on a web page, which was recently removed. When users visited this page, a link to a pay-per-click webpage was appended to their email signature file. When an infected user manually sent out an email message, a link would appear at the bottom, pointing to a web page on this site. The link is included in an IFrame, so if the receiving e-mail client supported HTML, the page would open automatically, and be displayed inside the e-mail message. The Internet Explorer and Netscape Navigor home page settings are also changed by this script. Again, the malicious page was removed; therefore this virus is currently not a threat. However, users may see this detection in messages sent from infected users. A patch for the vulnerability used is available from Microsoft at http://www.microsoft.com/technet/security/bulletin/MS00-075.asp" Removal and patch instructions can be found at this link: http://vil.mcafee.com/dispVirus.asp?virus_k=99486 Joe -- #----------------------------------------------------------# # Penguinix Consulting # #----------------------------------------------------------# # Software development, QA and testing. # # Linux support and training. # # "Don't fear the penguin!" # #----------------------------------------------------------# # Registered Linux user: #309247 http://counter.li.org # #----------------------------------------------------------# |
