MACSCRPT Archives

May 2003

MACSCRPT@LISTSERV.DARTMOUTH.EDU

Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Paul Berkowitz <[log in to unmask]>
Reply To:
Macintosh Scripting Systems <[log in to unmask]>
Date:
Sat, 24 May 2003 09:25:59 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (37 lines)
On 5/24/03 9:04 AM, "Chuck Pelto" <[log in to unmask]> wrote:

> Is anyone else getting e-mail from [log in to unmask] with a cryptic
> line telling you to open an enclosure?


Yes. My ISP is removing it as spam. It's a known issue:

--------------------------------------

WHAT IS IT?
W32/Palyh@MM is a worm that spreads via e-mail and network shares.  The
Microsoft Product Support Services Security Team is issuing this alert to
advise customers to be on the alert for this virus as it spreads in the
wild.  Customers are advised to review the information and take the
appropriate action for their environments.

IMPACT OF ATTACK: Mass-mailing

TECHNICAL DETAILS:
W32/Palyh@MM spreads via e-mail and network shares.  This worm spoofs the
address [log in to unmask]  While [log in to unmask] is a valid
e-mail address Microsoft does not send unsolicited e-mail containing
attachments to our customers.  Information on Microsoft's official response
to all virii of this nature can be found here:
http://www.microsoft.com/technet/security/news/patch_hoax.asp


----------------------------------------

It doesn't do anything at all on the Mac, of course. (Unless you choose to
receive email in Virtual PC, where it will only affect VPC, nothing outside
it.)

--
Paul Berkowitz

ATOM RSS1 RSS2