Virus Alert Category 3 - W32.Mimail.A@mm

Discussion in 'malware problems & news' started by DevilFrank, Aug 1, 2003.

Thread Status:
Not open for further replies.
  1. DevilFrank

    DevilFrank Registered Member

    Joined:
    Jul 20, 2003
    Posts:
    108
    Symantec Security Response is currently analyzing a new worm which spreads via email. The email will have the following characteristics:

    Subject: your account %s
    Attachment: message.zip

    Note: %s refers to a variable string.

    This worm attempts to exploit a vulnerability in Internet Explorer which allows a script to execute in the Local computer. Previously it was reported that this vulnerability was addressed by a Microsoft patch, but this undetermined at this time. For additional information please see »www.securityfocus.com/bid/6961[?].

    The worm is UPX packed.

    Additional information will be provided as analysis continues.

    Virus definitions with a version number of 50801r, also known as August 1, 2003 rev 18, or greater will detect this threat.

    Also Known As: WORM_MIMAIL.A [Trend], W32/Mimail@MM [McAfee], Win32.Mimail.A [CA]

    Type: Worm
    Infection Length: approximately 16kb

    Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me

    http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.a@mm.html
     
    DevilFrank, Aug 1, 2003
    #1
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...