Virus Name: W32/Swen@MM

Risk Factor: MEDIUM

We would like to make all our users aware of a new worm doing the rounds.

Sometimes purporting to be a Microsoft Security Update, this worm is intended to propagate via various mechanisms:

• mailing itself to recipients extracted from the victim machine
• copying itself over network shares (mapped drives)
• sharing itself over the KaZaa P2P network
• sending itself via IRC

The worm has started to spread quickly, taking advantage of an Internet Explorer vulnerability that was first disclosed two years ago.

The worm is programmed to send an official-looking e-mail that says it contains a "cumulative patch" for several Internet Explorer, Outlook and Outlook Express vulnerabilities.

Our email virus scanner has been updated to protect against this threat.

Stinger is a stand alone remover. You may download your copy by going to the following URL: http://vil.nai.com/vil/stinger

Reference: http://vil.nai.com/vil/content/v_100662.htm

Related links