All, This is a first for me. Per: http://blogs.csoonline.com/malwarecybercrime/2628/symantecs-research-south-k... There is a piece of windows malware that looks for mRemote installs on windows. If found it looks for cached "root" credentials. If those are found it uploads a script to wipeout /kernel, /usr, /etc, and /home. I gather the key vulnerability is that mRemote stores the destination host and credentials in plaintext. (or a easily decoded format). If anyone has mRemote installed on a windows box, I'm curious how the password is stored. The config info is at: %UserProfile%\Local Settings\Application Data\Felix_Deimel\mRemote\confCons.xml fyi: the target of this attack was South Korea, but once malware code like this is made public, it starts to show up in other malware. Greg -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org