It's not someone it's lots and lots of people who's Microsoft Outlook is being used by this worm / virus and who have not removed it from their machines.
It's not coming from one source. It's coming from lots of sources. See what I wrote above.
Pretty sad situation that Microsoft has caused because Microsoft Outlook is so vulnerable. I'd like to see a large class action lawsuit happen in regards to this. It's unexcusable.
jon
ARGH!!!!!!!!
Regardless of the mail program used to receive the virus, the virus installs on the machine and uses it's own built in smtp engine to mass mail itself to a created mailing list.
It runs independent of outlook.
"Regardless of the mail program used to receive the virus, the virus installs on the machine and uses it's own built in smtp engine to mass mail itself to a created mailing list. It runs independent of outlook."
Do you have a source / link where this is covered in more detail and confirms what your saying ? I was told that this virus / worm is Outlook related.
jon
jon banquer quipped:
i'd like to see this too. where does it get the address book? all the info i've seen says this an outlook thing.
--nick e.
Same here.
However, if I'm wrong I would be happy to say as much.
jon
Symantec site
"W32.Swen.A@mm is a mass-mailing worm that uses its own SMTP engine to spread itself. It attempts to spread through file-sharing networks, such as KaZaA and IRC, and attempts to kill antivirus and personal firewall programs running on a computer."
JJ
It has an inbuilt list of usenet newsgroup servers it searches for Email addresses. About 100 of them.
There may be more than one worm/virus though. Looks like it
*may* have been mutated.Any simple search can eaisly find more info:
HTH
Clearly, as usual, you either did no research or had reading comprehension problems yet again.
You are the one that said that IIRC.
BTW, Thanks for copying information from *my* posts and rewording it a little for *some* your own posts on the subject.
Any of the anti virus maker websites will give you this information.
However, it does state the following...
"This worm exploits a vulnerability in Microsoft Outlook and Outlook Express in an attempt to execute itself when you open or even preview the message. Information and a patch for the vulnerability can be found at:
That is the only way the virus can open itself. However, anyone with any email program can open this virus and start spreading it regardless of what mail client is used. You don't even have to have a mail client installed to spread it.
here is the link to Symantec.
Devin Hughey quipped:
not quite. I can not run the attached execuatable from Mozilla Thunderbird. I need to save it to disk, then browse over to the file and run it. it's one added layer of protection.
move to linux, and in addition to having to save it my hard drive, I actually have to set it's permissions to make it executable. ie: it saves with only read/write permission. not execute. an ADDITIONAL layer of protection.
security by design vs security as afterthought
tho you are correct, once you run it, it doesn't matter what your email client is (or even if you just use webmail).
--nick e.
p.s. can some MSLookOUT user tell me what exactly MS _did_ do with regards to the gaping automatic executing of attachments? doesn't it just block all exe files now or something like that?
Sorry, that's what I meant, I didn't mean to say that you could run it from any email client, just that you can run it no matter how you received it.
I am pretty sure it was a Mime type flaw that let some embeded mimetypes run themselves. I don't think it was exe related and I am not sure what type it allowed that this virus takes advantage of. This virus does not only come in exe's and I am pretty sure outlook never automatically ran exe's.
Thunderbird.
PolyTech Forum website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.