Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: hotmail password request tool (intranet usage)
Ulrich Hobelmann wrote:
> DA Morgan wrote:
>
>> Let me see if I get this correctly ... you have stolen an internal >> file from Microsoft and you are distributing it in a usenet group. >> And you think anyone out here dumb enough to blindly open an archive >> file not knowing its contents.
Here at the University of Washington there have been demonstrations of archive files that autoexecute when opened (not even unpacked) which is more than enough to trigger an attack.
How serious is the problem? All .zip files are deleted by our mail server. I'll let you be the judge, knowing that, of how you feel about opening and archive that is self-identified as stolen from an internal web site (what does that say about the poster's integrity level) and for which the poster has done his or her best to not reveal what is actually contained.
Microsoft is now involved. If this person is truly inside the company they may well exit sooner than they planned ... and not through the front door. I've as much use for thieves as for spammers.
-- Daniel A. Morgan University of Washington damorgan_at_x.washington.edu (replace 'x' with 'u' to respond)Received on Mon Apr 18 2005 - 14:59:31 CDT