[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] virus in email RTF message MS OE almost disabled

To: "Mikhail A. Utin" <mutin@xxxxxxxxxxxxxxxxxxxx>, "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] virus in email RTF message MS OE almost disabled
From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
Date: Mon, 22 Nov 2010 20:16:49 +0000

You know, every time I start to get a bit of hope for what looks like an upward 
trend of businesses and organizations taking security seriously, I see crap 
like this.  Your organization is a Medicare prescription contractor with a 
national network of 61,022 contracted pharmacies, and not only are you running 
unpatched versions of old OS's and opening email attachments because they "look 
OK," but you have to post to Full Disclosure asking help for trivial virus 
detection and removal advice?   Now that everyone on FD knows that you are 
vulnerable and that you open email attachments, you've probably just caused the 
organization to be pwned 9 ways from Sunday.

To answer your question, call a professional and have them do it.  And in the 
future, don't send out emails like this from your organization email announcing 
the state of your security.  That's what Hotmail is for.

t

From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx 
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Mikhail A. Utin
Sent: Monday, November 22, 2010 7:18 AM
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] virus in email RTF message MS OE almost disabled

Hello,
Opening looking OK email message in my MS OE I've very likely got new kind of 
virus, which exploits MS Office flaw recently announced. Immediately after, my 
OE started consuming huge memory when I switched between folders or messages. 
I've not seen any process in Task Manager taking up to 1 GB memory (physical is 
512M). I did not find any newly installed executables either. When I shut down 
OE, the computer works fine.
Any thoughts?
Thank you

Mikhail

CONFIDENTIALITY NOTICE: This email communication and any attachments may 
contain confidential

and privileged information for the use of the designated recipients named 
above. If you are

not the intended recipient, you are hereby notified that you have received this 
communication

in error and that any review, disclosure, dissemination, distribution or 
copying of it or its

contents is prohibited. If you have received this communication in error, 
please reply to the

sender immediately or by telephone at (617) 426-0600 and destroy all copies of 
this communication

and any attachments. For further information regarding Commonwealth Care 
Alliance's privacy policy,

please visit our Internet web site at http://www.commonwealthcare.org.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] virus in email RTF message MS OE almost disabled
  - From: Gary Baribault

References:
- [Full-disclosure] virus in email RTF message MS OE almost disabled
  - From: Mikhail A. Utin

Prev by Date: Re: [Full-disclosure] SSH scans, i caught one
Next by Date: Re: [Full-disclosure] SSH scans, i caught one
Previous by thread: [Full-disclosure] virus in email RTF message MS OE almost disabled
Next by thread: Re: [Full-disclosure] virus in email RTF message MS OE almost disabled
Index(es):
- Date
- Thread