IT-DISCUSS Archives

January 2006

IT-DISCUSS@LIST.UVM.EDU

Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Stefanie Ploof <[log in to unmask]>
Reply To:
Technology Discussion at UVM <[log in to unmask]>
Date:
Sun, 1 Jan 2006 11:01:50 -0500
Content-Type:
TEXT/PLAIN
Parts/Attachments:
TEXT/PLAIN (25 lines)
McAfee has released a notice that Exploit-WMF is resulting in a high
volume of spam.  It is traveling as a mail message with the following
characteristics:

Subject: Happy New Year
Body: picture of 2006
Attachment: HappyNewYear.jpg (actually a WMF file with a .JPG extension)

More information about Exploit-WMF is available from McAfee at:

http://vil.nai.com/vil/content/v_137760.htm

This exploit takes advantage of the meta file vulnerability I mentioned a
few days ago which permits the execution of a malicious .wmf file on
Windows machines.  More information is available at:

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33721
http://www.microsoft.com/technet/security/advisory/912840.mspx

Please take precaution, don't open attachments you weren't expecting, even
if they arrive from people you know.

Questions or problems?  Please contact CIT Helpline at 656-2604 or
http://www.uvm.edu/cit/help .

ATOM RSS1 RSS2