PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : [UCE] Network Security Pack



nahrens
27.08.2003, 08:55
Return-path: <Jaksey [at] peoplepc.com>
Envelope-to: ???????????????????
Delivery-date: Tue, 26 Aug 2003 xx:xx:xx +0200
Received: from [209.228.32.185] (helo=c002.snv.cp.net)
by mxng00.kundenserver.de with smtp (Exim 3.35 #1)
ID: [ID filtered]
for ???????????????????; Tue, 26 Aug 2003 xx:xx:xx +0200
Received: (cpmta 17242 invoked from network); 26 Aug 2003 xx:xx:xx -0700
Received: from 63.189.232.92 (HELO MfXSRm)
by smtp.peoplepc.com (209.228.32.185) with SMTP; 26 Aug 2003 xx:xx:xx -0700
X-Sent: 26 Aug 2003 xx:xx:xx GMT
FROM: "MS Corporation Security Department" <nsvrlryvwewbeaua [at] support.msdn.com>
TO: "Microsoft Customer" < >
SUBJECT: Network Security Pack
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="oWZHlUFWBZmLyYtTv"
Message-ID: [ID filtered]
Date: Tue, 26 Aug 2003 xx:xx:xx +0200
--oWZHlUFWBZmLyYtTv
Content-Type: multipart/alternative; boundary="cjTYAPHNXvpD"
--cjTYAPHNXvpD
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Ich weiß nicht, ob es sich bei dieser Nachricht um Spam handelt, ich sähe zumindest keinen Sinn drin ein MS-Produkt zu bewerben:

Microsoft Customer
this is the latest version of security update, the
"August 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting Internet Explorer, Outlook and Outlook Express as well as five newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your system. This update includes the functionality of all previously released patches.
System requirements:
Win 9x/Me/2000/NT/XP
This update applies to:
Microsoft Internet Explorer, version 4.01 and later
Microsoft Outlook, version 8.00 and later
Microsoft Outlook Express, version 4.01 and later
Recommendation:
Customers should install the patch at the earliest opportunity.
How to install:
Run attached file. Click Yes on displayed dialog box.
How to use:
You don`t need to do anything after installing this item.
Microsoft Technical Support is available at http://support.microsoft.com/
For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site at http://www.microsoft.com/security
Contact us at http://www.microsoft.com/isapi/goregwiz....t=3D/contactus/ (http://www.microsoft.com/isapi/goregwiz.asp?target=3D/contactus/)=
contactus.asp

Der Rest der Nachricht sieht, ungefähr 10 Seiten lang, so aus:

AAAAuAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v
ZGUuDQ0KJAAAAAAAAAC3Egfb83NpiPNzaYjzc2mIGmxkiPJzaYhSaWNo83NpiAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAFBFAABMAQMAdV1OPgAAAAAAAAAA4AAPAQsBBgAAgAAAAPABAAAAAACEEQAA
ABAAAACQAAAAAEAAABAAAAAQAAAEAAAACQAfAAQAAAAAAAAAAIACAAAQAABa7QIAAgAAAAAAEAAA
yKoOZpt0D2aBKA5mxRsOZvobDmbyHw5m3H0CZimrDmbcRwJmV6UOZkmyDmZX0wFm+LMOZkZT
yKoOZpt0D2aBKA5mxRsOZvobDmbyHw5m3H0CZimrDmbcRwJmV6UOZkmyDmZX0wFm+AmZY
sgFmd+ICZrlsDWYNWA1mWE0CZoaXD2Z0sg5mm7MOZk9UDmYI1w1m2Y0CZl3gD2YdFw5ma4EC
sgFmd+ZrSO
DmZnKQ5mwNcNZkFQAmYi3gBmUEcCZu5IAmbFpA5mAAAAAAAAAAD/JUAQQAD/JZAQQAD/JQgQQAD/
JRAQQAD/JRwQQAD/JSAQQAD/JXQQQAD/JYAQQAD/JTwQQAD/JUgQQAD/JVwQQAD/JXwQQAD/JTgQ
QAD/JZQQQAD/JRgQQAD/JRQQQAD/JVgQQAD/JYwQQAD/JXAQQAD/JWgQQAD/JYQQQAD/JSQQQAD/
JXgQQAD/JTAQQAD/JSgQQAD/JQQQQAD/JVQQQAD/JSwQQAD/JWAQQAD/JQwQQAD/JWQQQAD/JVAQ
QAD/JUwQQAD/JTQQQAD/JUQQQAD/JQAQQAD/JWwQQAD/JYgQQABo1BFAAOjw////AAAAAAAAMAAA

Handelt sich um Spam, danke für eure Mühe.

Fidul
27.08.2003, 15:37
Das ist kein Spam sondern ein Virus.
--
Wir kriegen euch alle!

nahrens
27.08.2003, 19:53
Aber es gibt keinen Mail-Anhang

Fidul
28.08.2003, 00:44
Diese 10 Seiten Code sind der Schädling. Möglicherweise ist bei der Codierung etwas schiefgegangen.
--
Wir kriegen euch alle!