>According to the article I read (on SANS, I think), IE5.5 SP2 should
>be safe from the vulnerability which would allow infection of nimda
>by simply visiting a web site or opening an email.
Although this is quiet true, I thought I'd just point out that the actual
vulnerability that allows this worm to spread via simply viewing a webpage
isn't patched. My windows machine, running IE 6.0 and Norton AntiVirus
2000 with the latest signatures, does detect any "readme.eml" containing
the Nimda payload. But something like:
http://www.terra.es/personal/cuartango/readme.eml
it ignores. (The link isn't malicious.)
Any feedback appreciated.
-Andrew
