|
Symantec WARNS of a computer worm:W32.Gibe@mm
Due to the number of submissions received by Symantec Security Response, W32.Gibe@mm virus has been upgraded from a Level 2 to a Level 3 threat.
W32.Gibe@mm is a worm that uses Microsoft Outlook and its own SMTP engine to spread. It sends itself to addresses found in Microsoft Outlook Address book and by searching .htm, .html, .asp, and .php files. The worm is disguised as a Microsoft Internet Security Update. This worm arrives in an email message as the attachment Q216309.exe. It installs a Backdoor
Trojan which allows remote access to the infected system.
Date : March 12, 2002
Name : W32.Gibe@mm
Threat Assessment: upgraded from Level 2 to Level 3
(moderate)
Description
The email message, which is not from Microsoft, has the following characteristics:
| | - From: Microsoft Corporation Security Center
- Subject of email: Internet Security Update
- Attachment: Q216309.exe. The attached file, Q216309.exe, is written in Visual Basic; it contains other
worm components inside itself. When the attached file is executed, it creates a number of files which allows the
worm to spread using Outlook and SMTP, installs a Backdoor Trojan to remotely access the infected system and creates a data file to store email addresses.
- Body: Microsoft Customer,
|
This is the latest version of security update, the update which eliminates all known security vulnerabilities affecting Internet Explorer and MS Outlook/Express as well as six new vulnerabilities.
How to install
Run attached file q216309.exe
How to use
You don't need to do anything after installing this item
For further information on W32.Gibe@mm please visit http://securityresponse.symantec.com/avcenter/venc/data/w32.gibe@mm.html
Definitions From Symantec Definitions to detect this virus were first posted on 6th March, 2002
Symantec Security Response Symantec Security Response is one of the industry~s largest dedicated team of virus experts. With offices located in the United States, Japan, Australia and the Netherlands, the sun never sets on Symantec Security Response. The centre~s mission is to provide swift, global responses to computer virus threats, proactively research and develop technologies that eliminate such threats and educate the public on safe computing practices. As new computer viruses appear, Symantec Security Response develops identification and detection for these viruses and provides either a repair or delete operation, thus keeping users protected against the latest virus threats
http://securityresponse.symantec.com.
Symantec: Symantec, the world leader in Internet security technology, provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers. The company is a leading provider of client, gateway and server security solutions for virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies and security services to enterprises and service providers around the world. Symantec~s Norton brand of consumer security products is a leader in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 38 countries.
|
