Hi All,
See below for latest alert.......
Description:
W32/Gibe-A is a worm which spreads attached to an email which appears to
come from Microsoft. The email will have the following characteristics:
Subject line: Internet Security Update
Attached file: q216309.exe
Message text:
Microsoft Customer,
this is the latest version of security update, the update which eliminates
all known security vulnerabilities affecting Internet Explorer and MS
Outlook/Express as well as six new vulnerabilities, and is discussed in
Microsoft Security Bulletin MS02-005. Install now to protect your computer
from these vulnerabilities, the most serious of which could allow an
attacker to run code on your computer.
Description of several well-know vulnerabilities:
- "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment"
vulnerability. If a malicious user sends an affected HTML e-mail or hosts
an affected e-mail on a Web site, and a user opens the e-mail or visits
the Web site, Internet Explorer automatically runs the executable on the
user's computer.
- A vulnerability that could allow an unauthorized user to learn the
location of cached content on your computer. This could enable the
unauthorized user to launch compiled HTML Help (.chm)files that contain
shortcuts to executables, thereby enabling
the unauthorized user to run the executables on your computer.
- A new variant of the "Frame Domain Verification" vulnerability could
enable a malicious Web site operator to open two browser windows, one in
the Web site's domain and the other on your local file system, and to pass
information from your computer to
the Web site.
- CLSID extension vulnerability. Attachments which end with a CLSID file
extension do not show the actual full extension of the file when saved and
viewed with Windows Explorer. This allows dangerous file types to look as
though they are simple, harmless files - such as JPG or WAV files - that
do not need to be blocked.
System requirements:
Versions of Windows no earlier than Windows 95.
This update applies to:
Versions of Internet Explorer no earlier than 4.01
Versions of MS Outlook no earlier than 8.00
Versions of MS Outlook Express no earlier than 4.01
How to install
Run attached file q216309.exe
How to use
You don't need to do anything after installing this item.
For more information about these issues, read Microsoft Security Bulletin
MS02-005, or visit link below. If you have some questions about this
article contact us at @microsoft.com
Thank you for using Microsoft products.
With friendly greetings,
MS Internet Security Center.
----------------------------------------
----------------------------------------
Microsoft is registered trademark of Microsoft Corporation.
Windows and Outlook are trademarks of Microsoft Corporation.
If q216309.exe is run it will display the message "This will
install Microsoft Security Update. Do you wish to continue ? ". At this
point the virus will try to install itself to your PC.
Regards
Huw
Joint Listowner Glamorgan
Ogmore Valley and Thurlow
***********************************************************************************************
The information contained in this message or any of its attachments may be confidential
and is intended for the exclusive use of the addressee(s). Any disclosure, reproduction,
distribution or other dissemination or use of this communication is strictly prohibited
without the express permission of the sender. The views expressed in this email are those
of the individual and not necessarily those of Sony or Sony affiliated companies. Sony
email is for business use only.
This email and any response may be monitored by Sony United Kingdom Limited.
(6)
***********************************************************************************************