Virus companies are reporting that a new worm, code-named Bugbear, discovered on September 30th is spreading rapidly. Its malicious payload exploits a known vulnerability in Internet Explorer which allows the worm to run when an email message is previewed through unpatched versions of Microsoft Outlook. Virus experts are warning that Bugbears' main danger lies in its capacity to open backdoor ports, specifically port 36794. Once a user is infected, the worm can spread through network shares potentially affecting peripherial devices such as printers, causing them to print uncontrollably.
Banks should take precautions by ensuring that Outlook and Outlook express users have the latest patches installed on their systems and that all users have updated their virus signature files.
Anti-virus company Sophos has developed a standalone
tool which detects and disinfects the commonly
encountered W32/Bugbear-A worm. This
utility provides a simple way for businesses and
home users to confirm their networks are clean
and disinfect any infected files that are found.
Previous Tech Alerts: 10/02/02 Top 20 List of Internet Security Vulnerabilities Released 09/02/02 Microsoft Warns SysAdmins To Immediately Patch Identity Spoofing Flaw 08/21/02 Microsoft releases patch to fix "critical" vulnerability in
Windows 2000 systems that allow unprivileged users to log
onto them interactively 08/09/02 Is Confidential Bank Information Walking Out Your Door? 07/30/02 Microsoft Continues to Patch Flawed Software 07/23/02 CERT advisory on PHP 07/15/02 Outlook Users Employing PGP Encryption Program Vulnerable to Hacking 07/11/02 Researchers Report Serious Flaw in IE 06/27/02 Microsoft Releases Critical Patch for Windows Media Player 06/18/02 CERT Warns of Critical Vulnerabilty in Apache Web Server 06/12/02 Sports Fans Beware: World Cup Virus Bounces Around the Net 06/07/02 Dead Man Tell No Passwords 05/31/02 Microsoft Issues Critical Warning Regarding Exchange Server 05/22/02 Microsoft SQL Spida Worm Slows Network Traffic 05/15/02 Virus Hoax 'JDBGMGR.EXE' Spreading Rapidly Thoughout Net 04/25/02 Klez Worm Reels in Banks with its Bait 04/11/02 Ten New Vulnerabilities Discovered in Microsoft IIS Server 04/09/02 New Virus Hoax Circulating Around Net 03/22/02 MyLife.B Virus Makes Its Way Around the Net 03/21/02 Microsoft Updates Its Warning on Critical Windows Vulnerability 03/14/02 New Virus (W32/Fbound-C) Spreading Rapidly in the Wild 03/08/02 Unauthorized E-Mail Scam Attempts to Steer Unwitting Customers to Fraudulent Bank Web Site 03/06/02 Klez-E Worm and W32.Gibe Virus Warnings 03/01/02 CERT Issues Warning on PHP Scripting Language Flaw 02/27/02 CERT Issues Warning on Internet Explorer and Outlook Flaw 02/22/02 SNMP Patches and Detection Tools Available 02/20/02 Email Address Belonging to Legitimate Security Site Hijacked to Deliver Dangerous Yarner Worm 02/15/02 Mass Mailing Email Worm Compromises Word 2000 Security Settings 02/13/02 SNMP VULNERABILITY 02/07/02 Bloodhound Mass Mailing Worm and Managing Risks in Wireless Networks 02/04/02 Microsoft Issues Collection of Security Fixes for Windows 2000 01/31/02 Copycat Virus Unleashed 01/30/02 Netscape Browser Vulnerable to Cookie Theft 01/28/02 "My Party" Mass Mailing Worm 01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability 01/15/02 Trojan.StartPage Alters Web Browsers 01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability 12/20/01 Holiday Themed Computer Virus Unleashed
BankersOnline is a free service made possible by the generous support of our
advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all
banking professionals. Support our advertisers and sponsors by clicking
through to learn more about their products and services.