Tech Alert Briefing for 3/6/2002
Klez-E Worm Expected to Drop Payload
Although the Klez-E virus was first released in November 2001, users are warned to be on the look out for its damaging payload which is expected to drop today (3/6/02).
According to Symantec, there are several variations of the Klez virus in circulation but it is the Klez.E strain that is expected to deliver its payload on the 6th of every odd numbered month (January, March, May, July, September, November). If resident on a users system, the virus willattempt to overwrite files with a .bak, .c, .cpp ,.doc, .htm, .html, .jpg, .mp3, .mpeg, .mpg, pas, .txt,. wab and .xls extension.
Additional information on this virus is available from Command Central.
W32.Gibe Worm Disguised as Microsoft Internet Security Update
A virus written in Visual Basic is being distributed via email and masquerading as an Internet Security Update.The fake message, which is not from Microsoft, appears as:
From:Microsoft Corporation Security Center
Subject: Internet Security Update
this is the latest version of security update, the update which eliminates all known security vulnerabilities affecting Internet Explorer and MS Outlook/Express as well as six new vulnerabilities
How to install
Run attached file q216309.exe
How to use
You don't need to do anything after installing this item.
Additional information on this virus is available from the Symantec Response Center
Previous Tech Alerts:
03/01/02 CERT Issues Warning on PHP Scripting Language Flaw
02/27/02 CERT Issues Warning on Internet Explorer and Outlook Flaw
02/22/02 SNMP Patches and Detection Tools Available
02/20/02 Email Address Belonging to Legitimate Security Site Hijacked to Deliver Dangerous Yarner Worm
02/15/02 Mass Mailing Email Worm Compromises Word 2000 Security Settings
02/13/02 SNMP VULNERABILITY
02/07/02 Bloodhound Mass Mailing Worm and Managing Risks in Wireless Networks
02/04/02 Microsoft Issues Collection of Security Fixes for Windows 2000
01/31/02 Copycat Virus Unleashed
01/30/02 Netscape Browser Vulnerable to Cookie Theft
01/28/02 "My Party" Mass Mailing Worm
01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
01/15/02 Trojan.StartPage Alters Web Browsers
01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability
12/20/01 Holiday Themed Computer Virus Unleashed
First published on 03/05/2002