RE: Beware of Virus zip attachment [Was: SUO: Weah, hello! :-)]
Thanks, that was what I thought might be the case,
but lots of descriptions didn't mention for sure that
the user has to both unzip and execute a program
contained in the .zip folder. I would never run
an .exe in a .zip that I wasn't sure of.
The press release you included makes that clear.
Rich
Randall R Schulz wrote:
> Richard,
>
> Opening a straight Zip archive poses no risk in itself.
> Extracting and
> executing its contents would expose you to malicious code, if
> any. If the
> archive was equipped with auto-extracting, auto-executing
> adornments and
> content, then the default "open" action would likewise expose
> you to any
> malicious code within.
>
> The password issue is a red herring, really. Here's a notice
> from my ISP
> regarding this new piece of malicious code:
>
> -==--==--==--==--==--==--==--==--==--==--==--==--==--==--==-
>
> Wed Mar 3 09:17:51 PST 2004 -- Virus Alert. A new variant
> of the Beagle
> virus was released yesterday. The virus spreads through an email
> attachment and is hidden in an attached zip file. Sonic.net's virus
> scanners began filtering for this variation a few hours after its
> release.
>
> For more information on the virus and how to remove it, please visit:
>
> <http://securityresponse.symantec.com/avcenter/venc/data/
> w32.beagle.k@mm.html>
> <http://vil.nai.com/vil/content/v_101061.htm>
>
> -Sonic.net Support
>
> -==--==--==--==--==--==--==--==--==--==--==--==--==--==--==-
>
> Wed Mar 3 09:17:51 PST 2004 -- VIRUS ALERT. A new variant
> of the Beagle
> virus was released yesterday. The virus spreads through an email
> attachment and is hidden in an attached zip file. UPDATE -
> This virus
> has been mutating extensively, and we are unable to block it's many
> variants at this time. In addition, most PC anti-virus
> software is not
> blocking this virus.
>
> That said, it requires quite a bit of user interaction for
> the PC to be
> infected. Uses must open the encrypted ZIP using the
> password, then run
> the enclosed program. Needless to say, DON'T DO THIS.
>
> The virus may pose as a communication from your ISP or mail service
> provider, and may include text which indicates that a
> security or virus
> problem requires that you open and execute the file. Don't
> be fooled!
>
> For more information on the virus and how to remove it, please visit:
>
> <http://securityresponse.symantec.com/avcenter/venc/data/
> w32.beagle.k@mm.html>
> <http://vil.nai.com/vil/content/v_101061.htm>
>
> -Sonic.net Support
>
> -==--==--==--==--==--==--==--==--==--==--==--==--==--==--==-
>
>
> The passwords are not a form of cryptographic protection on
> the content of
> the Zip archive. Under Linux, e.g., that archive opens
> without entering
> any password.
>
>
> Randall Schulz
>
>
> On Wednesday 03 March 2004 09:42, Richard Cooper wrote:
> > Murray,
> >
> > Do you know if a .zip file without a password
> > is safe to open on windows? I've heard mixed
> > rumors on that one, but nobody seems to know
> > for sure.
> >
> > Also, I've gotten half a dozen .zip attachments
> > this morning from weird addresses. Some new
> > virus must be out.
> >
> > Rich
>
>
> /center>
> </div>
> <p> </td>
> </tr>
> </table
>