On Tue, Oct 23, 2001 at 04:37:53AM -0600, [EMAIL PROTECTED] wrote:

I did include a note and it's gone so I'll resend it.  I figured out what happened.  I 
use Mutt so these viruses won't affect me... and as I was including the attachment I 
got the wrong file... so I postponed the message and got the right one and in the 
process of deleting the wrong one I deleted the note.  Sorry.

Here is the URL:

http://www.trendmicro.co.uk/frame2.asp?usURL=http://wtc.trendmicro.com/wtc/&returnURL=http://www.trendmicro.co.uk/

The attachment is for Magistr.A and not Magistr.B

This could be a "C" variant - I don't know.  But I do know the "A" cleans some of it 
up and if anyone's infected at least you know where to look (one source anyway) for 
help.


For those poor souls running Windows emailers.  IMHO you're asking for trouble.  There 
has been a steady demonstration of security problems and this is escalating.  At best 
- virus scanners are reactive and not proactive.  If this is variant "C" for instance 
then the "fix" code may still leave you vulnerable.

This virus is very tame I'd say.  In about a month it will erase the BIOS and EEPROMS. 
 It will overwrite the files in your HDD and go after some sectors on the 1st HDD.

There is a month to respond.  The ticker could have been set to 30 minutes.

The payload could have tweaked the CRTC registers and that can smoke monitors.  


To the openssl-users.  I addressed the note to the chap whose system was infected and 
CC'd the group.  I did this because I suspect that there may be others in the group 
who are now infected and facing this problem.

Here is what I suggested:

1) Look for more secure mailers.  Eudora is a possibility.  I know that Netscape has a 
more secure mailer in it.  I also know that Magistr will scan the Eudora and Netscape 
address lists.  But perhaps these mail clients still offer more protection.

2) I checked out Opera (www.opera.com) and it seems to have the features that a 
Windows user would like - nice - simple - seemed to be clean and certainly seems fast. 
 We can ask them if the mail system is safe.


IMHO there is absolutely no excuse whatsoever for a mail client to be able to run code 
arriving from the wild.  Let the user save the file.  Then at least he has to do 
something out of the ordinary that he can be held accountable for.

--------------

Sorry I spammed the list folks.  If the note had been present you'd have known what 
was going on.  I included an attachment because I know that 
my associate who got Magistr yesterday was unable to access the WWW part of the web 
and EMAIL was her only hope.  I didn't know that the server filters were so non 
specific in this case that they bark at the solution more than the problem.  

onon.

 



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
