Email with malicious links targetting Australians and the National Australia Bank
As you will see in this SANS alert, there is an email circulating that is targetting Australians - specifically, customers of the National Australia Bank.
Of special note is the fact that the email targets not only Internet Explorer vulnerabilities, but targets Firefox users as well - the bullseye on Firefox's butt is getting steadily larger.
Regarding the IE vulnerabilities, note that MS06-006 was patched in February 2006, MS03-011 was patched in April 2003 and MS06-014 was patched in April 2006.
The Firefox vulnerability was fixed in build 1.0.5.
We have been receiving copies of this email at the office, but Exchange's Intelligent Message Filter ("IMF") has been diverting all copies directly to the spam bucket where I can examine and delete them safely.
IMF is built in to SP2 for Exchange and is available as a separate download for SP1. Note that if you already have IMF on a SP1 box, you will need to remove it before installing SP2.
Once again, those of us who are fully patched, and have the latest service packs applied, are safe from active use of known exploits.