Back to Newsroom

23 March 2004

IE, Outlook, P2P users at risk

We thought we'd seen just about the last of the Netskies, when a new variant of the malignant worm began to make the rounds earlier today. This new nasty doesn't need the user to cooperate by opening an e-mai attachment. It activates at the moment the message is rendered. The bottom line is that viewing an e-mail, either in Internet Explorer or in Outlook, may be enough to get you infected.

The worm uses the age-old "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment" vulnerability, also known as IFRAME to infect the computers of users who read their mail off the web and don't patch their Internet Explorer quite often enough.

Sounds familiar? It is. Critical Windows patches have failed to reach the masses before, despite dire warnings from Microsoft and security software vendors alike. Our analysts have assesed that the spreading potential of this worm is high, and their oppinion is being confirmed by out Real Time Virus Reporting network.
http://www.bitdefender.com/bd/site/virusinfo.php?menu_id=2&source=mail&dc=1

Microsoft has released a bulletin about this issue, and the vulnerability is patched in IE 5.01 SP2 and IE 5.5 SP2.
http://www.microsoft.com/technet/security/bulletin/MS01-020.mspx

The virus also attempts to spread via P2P networks, by copying itself into likely directories under an assortment of attractive names.

BitDefender analysts have posted a signature update and released a free removal tool to address this threat.
http://www.bitdefender.com/html/free_tools.php

 Share

Contacts