[Full-disclosure] patch-9449
Juha-Matti Laurio
juha-matti.laurio at netti.fi
Fri Apr 13 10:14:35 BST 2007
Wong Chee Chun <cheechun2005 at gmail.com> wrote:
Dshield (ISC) page discusses about the same issue.
The filenames are randomized. 4 or 5 numbers always.
- Juha-Matti
> Dshied's recent diary entry might has something related about this virus i
> guess. except that the filename is patch-58214.zip.
>
>Here is the link to the diary -->
>
>http://www.dshield.org/diary.html?storyid=2618&dshield=0fcfb711fed834995b1d52da5f438c11
>
>
>cheers
>
On 4/13/07, Steward Smith <fulldisc at swill.org> wrote:
Hi,
Had a funny spam today that warned about mails coming from my IP address
and I should apply the attached patch. The filename was named
patch-9449.exe which was attached in a password protected zip file -
presumably to fool your virus scanner.
I unpacked it but my up-to-date virus scanner on my Windows XP vmware
instance cannot detect any malware.
Has anyone else seen this and know what it is?
Stew
Full-Disclosure is hosted and sponsored by Secunia.