[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Look what's back for New Years

To: full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] Look what's back for New Years
From: "Gregory A. Gilliss" <ggilliss@netpublishing.com>
Date: Tue, 30 Dec 2003 13:04:52 -0800

All,

Looks like the bogus Microsoft updates are back - I don't have time to
do diags on this (probably klez or something - anyone wants a copy email
me off-list and I'll zip it to you). Headers etc below for your amusement.

Happy New Year!

G

----------------------------------- CUT HERE ----------------------------------

From n.d.j.van.lang@med.rug.nl  Tue Dec 30 12:50:55 2003
Received: from dep.oprit.rug.nl (dep.oprit.rug.nl [129.125.36.9])
        by netpublishing.com (8.12.9p1/8.11.3) with ESMTP id hBUKorCJ056039
        for <ggilliss@netpublishing.com>; Tue, 30 Dec 2003 12:50:54 -0800 (PST)
        (envelope-from n.d.j.van.lang@med.rug.nl)
Received: from ayep (client36-197.oprit.rug.nl [129.125.36.197])
        by dep.oprit.rug.nl (8.12.10.Beta2/8.12.10.Beta2) with SMTP id hBUKmn0A0
06350;
        Tue, 30 Dec 2003 21:48:49 +0100 (MET)
Date: Tue, 30 Dec 2003 21:48:49 +0100 (MET)
Message-Id: <200312302048.hBUKmn0A006350@dep.oprit.rug.nl>
FROM: "Microsoft Corporation Technical Bulletin" <rcsbbtuyb@confidence.msn.com>
TO: "Commercial Partner" <partner@confidence.msn.com>
SUBJECT: Newest Net Upgrade
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="yqeruhcgojmq"
X-Spam-Status: No, hits=2.1 required=2.6
        tests=MICROSOFT_EXECUTABLE,MIME_HTML_NO_CHARSET,NO_DNS_FOR_FROM
        version=2.50
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 2.50 (1.173-2003-02-20-exp)

[-- Attachment #1 --]
[-- Type: multipart/related, Encoding: 7bit, Size: 12K --]
Content-Type: multipart/related; boundary="ntpybugge";
        type="multipart/alternative"

[-- Attachment #1 --]
[-- Type: multipart/alternative, Encoding: 7bit, Size: 6.9K --]
Content-Type: multipart/alternative; boundary="qeonjpvttxoyx"

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Microsoft Partner

this is the latest version of security update, the
"December 2003, Cumulative Patch" update which eliminates
all known security vulnerabilities affecting
MS Internet Explorer, MS Outlook and MS Outlook Express
as well as three newly discovered vulnerabilities.
Install now to continue keeping your computer secure
from these vulnerabilities.
This update includes the functionality of all previously released patches.

System requirements: Windows 95/98/Me/2000/NT/XP
This update applies to:
 - MS Internet Explorer, version 4.01 and later
 - MS Outlook, version 8.00 and later
 - MS Outlook Express, version 4.01 and later

Recommendation: Customers should install the patch at the earliest opportunity.
How to install: Run attached file. Choose Yes on displayed dialog box.
How to use: You don't need to do anything after installing this item.


Microsoft Product Support Services and Knowledge Base articles can be found on t
he Microsoft Technical Support web site.
http://support.microsoft.com/

For security-related information about Microsoft products, please visit the Micr
osoft Security Advisor web site
http://www.microsoft.com/security/

Thank you for using Microsoft products.

Please do not reply to this message.
It was sent from an unmonitored e-mail address and we are unable to respond to a
ny replies.

----------------------------------------------
The names of the actual companies and products mentioned herein are the trademar
ks of their respective owners.
Copyright 2003 Microsoft Corporation.

[-- Attachment #2 --]
[-- Type: image/gif, Encoding: base64, Size: 4.8K --]
Content-Type: image/gif
Content-Transfer-Encoding: base64
Content-ID: <ysvwqmm>

[-- image/gif is unsupported (use 'v' to view this part) --]

[-- Attachment #3 --]
[-- Type: image/gif, Encoding: base64, Size: 0.5K --]
Content-Type: image/gif
Content-Transfer-Encoding: base64
Content-ID: <xazwciu>

[-- image/gif is unsupported (use 'v' to view this part) --]


[-- Attachment #2: installation1.exe --]
[-- Type: application/x-msdownload, Encoding: base64, Size: 140K --]
Content-Type: application/x-msdownload; name="installation1.exe"
Content-Transfer-Encoding: base64
Content-Disposition: attachment

[-- application/x-msdownload is unsupported (use 'v' to view this part) --]

----------------------------------- CUT HERE ----------------------------------

-- 
Gregory A. Gilliss, CISSP                              E-mail: greg@gilliss.com
Computer Security                             WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Look what's back for New Years
  - From: Nick FitzGerald <nick@virus-l.demon.co.uk>
- RE: [Full-Disclosure] Look what's back for New Years
  - From: "Bojan Zdrnja" <Bojan.Zdrnja@LSS.hr>

Prev by Date: Re: [Full-Disclosure] whois.crsnic.net hacked?
Next by Date: Re: [Full-Disclosure] Reverse http traffic
Previous by thread: RE: [Full-Disclosure] fwd: Join "IE Dream Team"
Next by thread: Re: [Full-Disclosure] Look what's back for New Years
Index(es):
- Date
- Thread