Xmas virus on the cards ?

["security squirrel" <secsquirrel () lycos com>]

Hi all - 

I noticed this article at http://www.vnunet.com/News/1151553 and it looks alarming - however did not find any more 
details. 

If I understand well an HTML file is renamed to JPG and attached to an email. However I did not manage to reproduce 
this. 

This is my summary of the article: 

1. xmas card emails to LEAD to innocent images which are not images but have viruses

2. Mail Filtering systems should handle images just like HTML files + educate

3. ISS reports that this was on a hacker mailing list 

4. techniques to bypass firewalls by MISLABELLING html files as JPGs

5. Steven Darrall is a senior consultant at ISS X-Force Security Assessment Services

6. The problem is caused by Microsoft's Internet Explorer (IE) web browser automatically opening files labelled with 
.jpg or .gif extensions.

7. Hackers have posted a proof-of-concept file in which the content was a script that caused the browser to download 
and install a virus according to Darrall

8. The site serving the virus has since been shut down


Is the image and attachment or is it simply a link to a .jpg file on an HTTP server? Did anyone manage to reproduce 
this or can point to the original post on the "hacker mailing list" which describes this?

- Sec-Squirrel :)




____________________________________________________________
Free Poetry Contest. Win $10,000. Submit your poem @ Poetry.com!
http://ad.doubleclick.net/clk;6750922;3807821;l?http://www.poetry.com/contest/contest.asp?Suite=A59101

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html