<watch wrap> http://securityresponse.symantec.com/avcenter/venc/data/w32.nimda.a@mm.html http://www.cert.org/current/current_activity.html#port80 http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0109&L=ntbugtraq&F=P &S=&P=1747 -Hugh ____________________________ http://www.wholesalenics.net > -----Original Message----- > From: thelist-admin at lists.evolt.org > [mailto:thelist-admin at lists.evolt.org]On Behalf Of aardvark > Sent: Tuesday, September 18, 2001 10:19 AM > To: thelist at lists.evolt.org > Subject: [thelist] another worm? > > > > ok, a few of our clients were hit this morning by something that > tries to get your browser (on windows) to download a .eml file > which it would then launch via an .exe... > > i can't get to any virus sites, since all web traffic coming and going > is pretty hosed right now... > > so, is there a new worm out there? the IIS servers affected were > *supposedly* patched against the last batch... > > anyone?