RE: ADMINISTRIVIA: viruses, worms, and so on

["Hallam-Baker, Phillip" <pbaker@xxxxxxxxxxxx>]

It turns out that with this particular worm you did not need to 
click on anything to get infected. It exploits a hole in windows.

You are ok if your patches were up to date.

> -----Original Message-----
> From: owner-ietf-pkix@xxxxxxxxxxxx
> [mailto:owner-ietf-pkix@xxxxxxxxxxxx]On Behalf Of ESPINET Didier
> Sent: Friday, March 19, 2004 3:31 AM
> To: ietf-pkix@xxxxxxx
> Subject: RE: ADMINISTRIVIA: viruses, worms, and so on
> 
> 
> 
> For your information, the last virus spread out in this 
> mailing list yesterday was the variant S of the well known 
> BAGLE worm (BAGLE.S). It was identified by some antivirus 
> systems as BAGLE.O.
> I suggest you to check your configuration. BAGLE.S runs a 
> process named "directs.exe" which opens port 81 and runs a 
> basic web server used by the worm to spread itself.
> Note: as often, only Windows platforms are concerned.
> 
> Didier ESPINET
> GEMPLUS IT Security Manager
> 
> > -----Original Message-----
> > From: Paul Hoffman / IMC [mailto:phoffman@xxxxxxx]
> > Sent: vendredi 19 mars 2004 00:42
> > To: ietf-pkix@xxxxxxx
> > Subject: ADMINISTRIVIA: viruses, worms, and so on
> > 
> > 
> > 
> > Greetings again. As many of you can tell, there is a new type of 
> > malware that is sending out short messages with spoofed 
> addresses. A 
> > few have hit this mailing list. It appears that I have not 
> perfected 
> > the Procmail filter to prevent these. FWIW, I appear to have 
> > perfected the Procmail filter for most of the other nasties going 
> > around, and have deflected dozens that would have made it to this 
> > list.
> > 
> > As usual, don't execute anything that is sent on this (or 
> any other) 
> > mailing list. Don't trust my filters to protect you. Be careful.
> > 
> > --Paul Hoffman, Director
> > --Internet Mail Consortium
> > 
> > 
>