since this kind of stuff has caused trouble on this mailing list, i thought this warning would not be a waste of bandwidth (cc'ing mp in case he wants to forward to pen-l also).
--ravi
-------- Original Message --------
Subject: Alert: Worm posing as IE cumulative patch
Lots of people have emailed me about the email making the rounds which states its from "Microsoft Corporation Security Center" and has a subject line of "Internet Security Update".
The email has an attachment which the message claims to be the "1 Mar 2002 Cumulative Patch" for IE.
In case you don't already know, there isn't such a patch and its not from Microsoft. Microsoft never emails out patches.
The bogus email is actually the GIBE worm, a description for which can be seen at;
http://www.f-secure.com/v-descs/gibe.shtml http://www.sarc.com/avcenter/venc/data/w32.gibe@mm.html http://vil.nai.com/vil/content/v_99377.htm http://www.antivirus.com/cgi-bin/vinfo.pl?OneVirus=WORM_GIBE.DR
Just to provide a few references (check the home page of your anti-virus vendor for details)
Cheers, Russ - NTBugtraq Editor