Not the best place to ask (full-discloure or the incidents list perhaps), but there are numerous phishing scams going of late (I get 3 or 4 a day) that exploit an unpatched IE bug.... e.g. the spam reads You Have a VoiceMessage Waiting Priority :Urgent From:xxx xxx http://www.ONEvoicemailbox.net/voicemail/ (replace ONE with "1" in the host)-- I strongly suggest NOT going to this site with IE This particular site crams in a keylogger into your PC by use of http://221.4.203.78/bestadult/shellscript_loader.js http://221.4.203.78/bestadult/shellscript.js ---Mike At 01:44 PM 21/06/2004, Brent_OKeeffe@asc.aon.com wrote:

Okay... Here is a new one for me. Got a call from my dad saying he left his PC on last night connected to his broadband. He went to log in this morning and noticed a new ID in his user list - IWAP_WWW. He immediately deleted is and called me. I had him ensure his critical updates we all applied - they were. I had him ensure his antivirus was up to date - it was (Norton Antivirus 2004). He is running XP Home.

I searched the antivirus sites and elsewhere for references. Any idea if there is a new vulnerability that has not been publicly released? Any clues?

Regards, Brent