[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: wont install

On Thu, Oct 16, 2003 at 11:01:51PM -0400, Roberto Sanchez wrote:
> stuart whittaker wrote:
> >file will unzip with winzip.
> >
> >
> Since the message was HTML generated with some M$ tool I would
> guess that the attachment contains a virus of some sort.
> Maybe we are witnessing fledgling attempts at social engineering
> to get Linux users download and execute viruses?
> Maybe I am just being paranoid.  Anyone want to start a pool and
> take bets?

I was just thinking that since most people believe "executable 
attachments bad; MSWord attachments bad" the smartest thing for virus 
writers to do would be look for buffer exploits in apps and send docs 
that exploit those.  What if the mere act of unzipping a zip was the 
attack vector?  Since the Windows zip is now a DLL loaded in-process 
with explorer.exe, that would be the way to go.

Reply to: