[THIN] Re: Possible New Virus

• From: "Claus, Brian" <BClaus@xxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Fri, 1 Aug 2003 14:21:08 -0400

getting hit hard here....597 stops it.  I've seen over 500+ stopped by
email virus filter in 10 mins.
 

 

  _____  


 
Brian Claus, A+, Network+, MCP
Network Administrator
WESCO Distribution, Inc.
225 West Station Square Drive, Suite 700
Pittsburgh, PA 15219-1122
Phone:  412-454-2412
Fax:  412-454-2540
 <mailto:bclaus@xxxxxxxxxxxxx> bclaus@xxxxxxxxxxxxx
  _____  


-----Original Message-----
From: John Twilley [mailto:John.Twilley@xxxxxxxxxxxxxxxxxxxxx]
Sent: Friday, August 01, 2003 2:07 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: Possible New Virus


Shit!
 
 
We just got 30 or more of these message.zip attachments... 
Right thru the Trend Scanmail servers!
 
Update to Pattern 597 (Trend)  !!!!!!!!!!
 
 

  _____  

From: John Twilley 
Sent: Friday, August 01, 2003 1:50 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: Possible New Virus


Always on Fridays....

  _____  

From: Greg Reese [mailto:GReese@xxxxxxxxxxxxxxxx] 
Sent: Friday, August 01, 2003 1:17 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Possible New Virus


trend is calling it WORM_MIMAIL.A
 
 
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIM
AIL.A

-----Original Message-----
From: Joe Fojut [mailto:Fojut.Joseph@xxxxxxxx]
Sent: Friday, August 01, 2003 1:05 PM
To: Citrix Mail List
Subject: [THIN] Possible New Virus



Just received this from Symantec:

 

There have been some preliminary reports of a new virus that will likely
reveal itself as the day progresses.  It hasn't been given an official
name as of yet and we only have limited information at the moment.  As a
preventative measure, I would strongly suggest setting up some filtering
rules at your e-mail gateway to block any attachments named
"message.zip" or  "message.html"  and if you can filter based on subject
line, also filter on the phrase "your account" without quotes (for file
names as well of course).  Samples have been submitted and Symantec
Security Response is currently analyzing them

 

Regards,

 

Joe Fojut

Research Computing Facility

Mayo Foundation

Rochester, MN

507/538-0159

 

Other related posts:

• » [THIN] Possible New Virus
• » [THIN] Re: Possible New Virus
• » [THIN] Re: Possible New Virus
• » [THIN] Re: Possible New Virus
• » [THIN] Re: Possible New Virus
• » [THIN] Re: Possible New Virus
• » [THIN] Re: Possible New Virus
• » [THIN] Re: Possible New Virus

1. Home
2. thin
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---