FanJ
February 14th, 2002, 02:51 PM
Name: JS/Coolnow-A
Aliases: JS.Menger.worm
Type: JavaScript worm
Date: 14 February 2002
At the time of writing Sophos has received just one report of this worm from the wild.
Description:
JS/Coolnow-A is an MSN Messenger worm which exploits a vulnerability in Microsoft Internet Explorer.
The body of the worm exists on a web page. When the page is viewed by a vulnerable user the worm will send a message to all the user's MSN Messenger contacts. The message will ask the recipient to visit the affected web page.
The text of the message will vary according to the affected web page but may be similar to "Go to: http://<address of affected website>".
The worm makes no modifications to a user's system.
Microsoft has issued a security patch which secures against the vulnerability. It is available at Microsoft Security Bulletin MS02-005.
Read the analysis at
http://www.sophos.com/virusinfo/analyses/jscoolnowa.html
Aliases: JS.Menger.worm
Type: JavaScript worm
Date: 14 February 2002
At the time of writing Sophos has received just one report of this worm from the wild.
Description:
JS/Coolnow-A is an MSN Messenger worm which exploits a vulnerability in Microsoft Internet Explorer.
The body of the worm exists on a web page. When the page is viewed by a vulnerable user the worm will send a message to all the user's MSN Messenger contacts. The message will ask the recipient to visit the affected web page.
The text of the message will vary according to the affected web page but may be similar to "Go to: http://<address of affected website>".
The worm makes no modifications to a user's system.
Microsoft has issued a security patch which secures against the vulnerability. It is available at Microsoft Security Bulletin MS02-005.
Read the analysis at
http://www.sophos.com/virusinfo/analyses/jscoolnowa.html