JS/Coolnow-A

Discussion in 'malware problems & news' started by FanJ, Feb 14, 2002.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Guest

    Name: JS/Coolnow-A
    Aliases: JS.Menger.worm
    Type: JavaScript worm
    Date: 14 February 2002

    At the time of writing Sophos has received just one report of this worm from the wild.

    Description:

    JS/Coolnow-A is an MSN Messenger worm which exploits a vulnerability in Microsoft Internet Explorer.

    The body of the worm exists on a web page. When the page is viewed by a vulnerable user the worm will send a message to all the user's MSN Messenger contacts. The message will ask the recipient to visit the affected web page.

    The text of the message will vary according to the affected web page but may be similar to "Go to: http://<address of affected website>".

    The worm makes no modifications to a user's system.

    Microsoft has issued a security patch which secures against the vulnerability. It is available at Microsoft Security Bulletin MS02-005.


    Read the analysis at
    http://www.sophos.com/virusinfo/analyses/jscoolnowa.html
     
  2. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,995
Loading...
Thread Status:
Not open for further replies.