Maybe I should clarify: By "very slowly" I meant that this should spread significantly more slowly than something which is able to exploit a vulnerability and start executing as soon as it finds a susceptible host. If it's been in the wild for 12 hours without compromising most of the vulnerable hosts, that's slow relative to what's possible.
Thus spake Jack Bates ([EMAIL PROTECTED]): [snip] > > That is a very bad assumption to make. Not all AV software can detect > the various variations of it yet. In addition, there are many EU's that > will still run any executable that shows up in their inbox. Many reports > of the Microsoft Patch scam being used with this one. > > It is multi-part mime, so my current stripping methods will protect the > mailboxes on my system. > > -Jack
