Msn virri

View Poll Results: Your feelings on newbies?

Voters
23. You may not vote on this poll
  • They are a chore to be around.

    0 0%
  • They are trivial. Why'd you post a poll?

    0 0%
  • They awe me with their skill.

    0 0%
  • I like to help them, but they must act well.

    12 52.17%
  • Sometimes I'll help - if I feel like it.

    5 21.74%
  • Burn them all. A curse to the field.

    0 0%
  • I'm still one.

    0 0%
  • We were all newbies once. Let 'em in.

    6 26.09%
Results 1 to 3 of 3

Thread: Msn virri

  1. #1
    Senior Member
    Join Date
    Aug 2001
    Posts
    130

    Msn virri

    Coolnow is a worm that uses Microsoft Messenger to propagate. It uses a vulnerability to execute its code via Internet Explorer.

    The worm spreads a message via MSN messenger that contains a link to an infected web page. Some of the messages looks as follows:


    URGENT - Go to http://xxx.xxxxxxxx.xxx/xxxX/mel Now


    ATTeNT!oN - Go to: http://xxx.xxxxxxxxx.xxx/xxxxx_Xxx/teztx1.htm Now

    [img src="http://www.f-secure.com/virus-info/v-pics/coolnow.jpg"] [/embed]

    Note! There are several links where the worm code is available. We are trying to shut down these pages which are not disabled yet.

    When an user clicks on the link in the MSN message, Internet Explorer will open the page and execute the JavaScript code in the page. This is the actual worm.

    The worm uses an vulnerability to execute. It goes through the users MSN contact list and sends a message with a link to an infected site to each recipient.

    Further information, including a fix for the vulnerability, is available from Microsoft at: http://www.microsoft.com/technet/sec...n/MS02-005.asp

    F-Secure Anti-Virus detects the worm with updates released on February 14th, 2002 at 13:15 local time (GMT+2).

    For PocketPC users:

    This worm does does not affect PocketPC 2002. Internet Explorer version in PocketPC cannot execute the worm code because its JavaScript implementation does not support activation of MSN messenger via a script.

    http://www.f-secure.com/v-descs/coolnow.shtml

  2. #2
    Senior Member
    Join Date
    Jul 2001
    Posts
    420
    I recently received an email from an MSN user. MSN sent me 3 follow up emails from this persons account (one to sign up myself, one inviting me to use msn pcitures and 3rd inviting me to use msn messenger). The sender (my sister) said MSN sends extra mail from time to time. This annoyed me greatly one more black mark against MSN.
    If you spend more on coffee than on IT security, you will be hacked. What\'s more, you deserve to be hacked.
    -- former White House cybersecurity adviser Richard Clarke

  3. #3
    Senior Member
    Join Date
    Feb 2002
    Posts
    253
    I have subscribed to MSN since 1996 and, until recently, have been pretty satisfied with the service. I have learned that for MSN users an upgrade from IE 5.x to IE 6.0 will cause one to limited to web-based email. I want my POP3 and will move if necessary to save it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides