病毒警告（阿沛.晋美谈西藏问题国际化）

相继收到有这样标题与附件的邮件：

　　标题：为人父母，我们应扮演哪种角色，附件：寻找我们的角色.doc
　　标题：阿沛.晋美谈西藏问题国际化， 　附件：访谈录1--西藏问题之国际化.doc

其都含义一个较新的病毒，"MS Office Exploit RTF MSCOMCTL.OCX RCE CVE-
2012-0158"，很多杀毒软件暂时都还测不出。请留意。

基本原则：没有百分之百的把握，不要打开任何附件。此外，给别人发信时，凡是
可以不用附件形式发的文字，也请直接放在邮件正文里，尽量不要发附 件。

小刚


On 2013/1/16 11:15, malware@vicheck.ca wrote:
> Thank you for your submission to vicheck.ca.
>
>
> We received your message:
> From: "Xiaogang Zhang (G)" <xiaogangz@acm.org>
> Subject: Fwd: 阿沛.晋美谈西藏问题国际化
> Date: Wed, 16 Jan 2013 10:38:03 +1100
> Message-ID: <50F5E85B.40307@acm.org>
>
> 访谈录1--西藏问题之国际化.doc:
> SCAN: Suspicious file - MS Office Exploit RTF MSCOMCTL.OCX RCE CVE-2012-0158
> REPORT: https://www.vicheck.com/md5query.php?hash=5a8f4df978d002f8b1a3fe5d3fa4fce2
> Exploit method detected: genexploit - MS Office Exploit RTF MSCOMCTL.OCX RCE CVE-2012-0158.
> Confidence ranking: 50 (1 hits).
>
> External hash searches:
> VIRUS SCAN VirusTotal: New
> VIRUS SCAN Threat Expert: New
> VIRUS SCAN Team-CYMRU.org: New
>
>
> This email was sent automatically in response to your email to hereyougo@vicheck.ca submitting a suspected virus to us. You can also upload suspicious files on www.vicheck.ca
>
> Disclaimer: While many embedded executables are detected by our scan, as with any anti-virus there is no guarantee that all viruses are detected or that new exploits that download malware directly from the internet are detected. Remember not to open web links or email attachments that you were not expecting or can't verify their legitimacy with the sender.
>
>

--
本文来自《童言无忌》邮件群组。回复本邮件将发信到邮件群组，将可能暴露您的email 地址，姓名，IP 地址，操作系统和发信软件版本信息。如要私下回复给本文作者，请手工拷倍发信人邮件地址另外发信。请参考 邮件组和电邮的隐私保护建议 https://groups.google.com/group/lihlii/t/30122ea197f17c7
退订 请发电邮给 lihlii+unsubscribe@googlegroups.com
订阅 请发电邮给 lihlii+subscribe@googlegroups.com
网页浏览 https://groups.google.com/group/lihlii?hl=zh-CN