[Nottingham] Unknown (at least to me) message
ForkBombFluf
fluf at freeshell.org
Wed Dec 24 09:39:57 UTC 2008
On Wed, 24 Dec 2008, Jim Moore wrote:
> Ron Wilton wrote:
>> When I open Firefox I get a dialogue box with the following message.
>>
>> +++
>> Opening a.asc
>>
>> You have chosen to open
>>
>> a.asc
>>
>> which is a: PGP/MIME-encrypted message header
>> from:...a file on my harddrive
>>
>> What should Firefox do with this file?
>> ...
>> +++
>>
>> What does this mean, and am I safe to open it?
>>
>> Ta
>>
>> Ron
>>
>>
>> ------------------------------------------------------------------------
>
> On Linux, you could probably safely do this as downloaded files usually
> have the "Execute" bit flipped off. The result would likely by garbage
> on the screen. The NT kernel ignores or is unaware of this bit and
> attempts to execute anything that even remotely looks like a script or
> blob of code.
>
> This can have several unfortunate effects from the installation of
> malware (ie keyloggers, BHO toolbars, adbanner clients, mailbomb
> servers), to the destruction of the operating environment (corruption of
> the kernel, registry, etc.).
>
> What you have there is likely an attempt by a piece of Javascript to
> hijack your home page using a local file to install malware from a
> remote server. Of course, if you're on Linux this won't work. All you
> need do is reset your homepage and delete the offending file (if it
> exists) from your hard drive.
>
> --
> TLP
>
Jim: I may be being a bit obtuse here, but how do you get from a file
called a.asc (usually a file extension for ascii text I think, even in
Windows) to "probably a piece of javascrapt trying to hijack your
homepage?"
Ron: Have you tried searching for and opening the file a.asc in a text
editor, (ie. not doing anything remotely like exectuing it, but just
looking at it to see what it is?)
What would cause Firefox to think it was a PGP/MIME-encrypted message
header anyway? Sounds a bit like a lost e-mail...
puzzled,
-Stef
More information about the Nottingham
mailing list