Virus Alert Category 3 - W32.Mimail.A@mm

Discussion in 'malware problems & news' started by DevilFrank, Aug 1, 2003.

Thread Status:
Not open for further replies.
  1. DevilFrank

    DevilFrank Registered Member

    Joined:
    Jul 20, 2003
    Posts:
    108
    Symantec Security Response is currently analyzing a new worm which spreads via email. The email will have the following characteristics:

    Subject: your account %s
    Attachment: message.zip

    Note: %s refers to a variable string.

    This worm attempts to exploit a vulnerability in Internet Explorer which allows a script to execute in the Local computer. Previously it was reported that this vulnerability was addressed by a Microsoft patch, but this undetermined at this time. For additional information please see »www.securityfocus.com/bid/6961[?].

    The worm is UPX packed.

    Additional information will be provided as analysis continues.

    Virus definitions with a version number of 50801r, also known as August 1, 2003 rev 18, or greater will detect this threat.

    Also Known As: WORM_MIMAIL.A [Trend], W32/Mimail@MM [McAfee], Win32.Mimail.A [CA]

    Type: Worm
    Infection Length: approximately 16kb

    Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me

    http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.a@mm.html
     
Loading...
Thread Status:
Not open for further replies.