Re: wont install
Ron Johnson <ron.l.johnson@cox.net> said,
> On Thu, 2003-10-16 at 23:08, Roberto Sanchez wrote:
> > Tom wrote:
> > > On Thu, Oct 16, 2003 at 11:01:51PM -0400, Roberto Sanchez wrote:
> > >
> > >>stuart whittaker wrote:
> > >>
> > >>>file will unzip with winzip.
> > >>>
> > >>>
> > >>
> > >>Since the message was HTML generated with some M$ tool I would
> > >>guess that the attachment contains a virus of some sort.
> > >>Maybe we are witnessing fledgling attempts at social engineering
> > >>to get Linux users download and execute viruses?
> > >>
> > >>Maybe I am just being paranoid. Anyone want to start a pool and
> > >>take bets?
> > >>
> > >
> > >
> > > I was just thinking that since most people believe "executable
> > > attachments bad; MSWord attachments bad" the smartest thing for virus
> > > writers to do would be look for buffer exploits in apps and send docs
> > > that exploit those. What if the mere act of unzipping a zip was the
> > > attack vector? Since the Windows zip is now a DLL loaded in-process
> > > with explorer.exe, that would be the way to go.
> > >
> > >
> >
> > Except that the attachment to the initial message was a .tgz, which
> > Windows cannot handle without a third party app. Had it been a .zip,
> > I would have immediately suspected what you said.
>
> The OP says "file will unzip with winzip", so maybe it will.
Not that this thread is going anywhere, but WinZip will actually
decompress/untar .tar.gz or .tgz.
I'm one of those poor souls who still has to use Windows on my work
desktop :-(
--
Aaron Bieber
-
Graphic Design // Web Design
http://www.fisheyemultimedia.com/
aaron@fisheyemultimedia.com
Reply to: