Klez.h Worm

Warning! New Version of the "Klez" I-Worm is Spreading Fast - Klez.h

Kaspersky Labs announces the exposure of a new modified version of the
"Klez" Internet-worm - Klez.h, already resulting in numerous computer
infections in many countries including Japan, China, Austria and the
Czech Republic.

To gain entry to a computer the worm exploits a vulnerability in the
Internet Explorer security system (the IFRAME vulnerability). Due to
this Klez is able to imperceptibly infect computers immediately after
the infected message is read. This special feature practically discounts
the human factor and many times over raises the effectiveness of Klez.h
to infect and to spread.

To protect against Klez.h Kaspersky Labs recommends that you immediately
update the Kaspersky Anti-Virus database. To remove the threat of
infection from the Klez.h worm and any other modification of this worm,
you should install the required patch for Internet Explorer. It can be
found on the Microsoft site at the following address:

http://www.microsoft.com/windows/ie/...08/default.asp

A more detailed explanation about the Klez worm family can be found in
the Kaspersky Virus Encyclopedia at:

http://www.viruslist.com/eng/viruslist.html?id=4292

Symantec:
Due to an increased number of submissions, this threat has been upgraded to Category 3.

http://www.sarc.com/avcenter/venc/da...klez.h@mm.html

[Detox]

Funny, the MS site says that the update is included in IE 5.0 *SP2, are we to assume it is also included in 5.5 SP2?
After all, I just went 5.0 to 5.5 last week ;-)

Never certain, but after a lot of observation on how those bullitins work at MS, *only the versions affected are stated - anything included is specifically stated - so the assumption is anything not specifically stated does not apply.

Later, Rickster

Yes it is included in IE 5.5 SP2. * It is quite an old vulnerability that most persons would have already patched. *See link http://www.microsoft.com/technet/tre...n/MS01-020.asp