mailing list archives
Re: maybe this should be on sec focus but.
From: Damian Gerow <damian () sentex net>
Date: Fri, 1 Aug 2003 14:27:26 -0400
Thus spake Drew Weaver (drew.weaver () thenap com) [01/08/03 14:25]:
I have had like 4 users call and tell me that they're receiving
email from admin () ourdomainname with a unidentified attachment, possibly a
worm that exploits the new Microsoft vulnerability last week, all 4 of these
people reported that their updated this morning antivirus software missed
The latest NAI definitions catch it as Exploit-Codebase (which I *think* is
just a general catchall). We have an open ticket with F-Prot for this, and
are currently waiting on updated definitions from them.