- Recommend:
- 0 Comments
Revamped Klez Worm Reappears
Existing databases, patches can constrain latest variant, which travels by e-mail and LAN.
A variant of a worm that takes advantage of preventable vulnerabilities in Microsoft's Internet Explorer and Outlook Express software is spreading, antivirus vendors are warning.
The new version, the Win32.Klez.H@mm worm, is a variant of the mass-mailing Klez worm that surfaced last year. The Klez worm reappears periodically, most recently appearing in March, when it caused minimal damage. Like the earlier version, the newest Klez spreads via e-mail and travels across files on a network.
Both versions of Klez insert a variety of subject lines in its infected messages, including one that masquerades as a virus alert. It pulls e-mail addresses from Outlook address books and even America Online's ICQ chat application, according to the antivirus vendors. Then it propagates by sending itself to the pilfered addresses.
Attacks Scattered
Klez tries to disable any antivirus programs installed on a PC that it infects. The worm removes the start-up registry keys that antivirus products use, according to representatives of Symantec, which markets Norton Antivirus. Symantec Security Response is rating this variant of Klez a three on its danger scale of five, rendering it a "medium" risk.
The Klez.H attachment is sometimes accompanied by another virus, called W32.Elkern, which can infect network files. It will cause system crashes if activated, the antivirus vendors say.
The original Klez itself reoccurs periodically, note antivirus experts at the security firm F-Secure. It activates on the sixth day of odd-numbered months, trying to overwrite certain file types on infected PCs.
Antivirus vendor Kaspersky Lab says it has received reports of infections by the newest Klez in Europe and Asia.
Patches Available
The latest virus data files from leading antivirus vendors should protect users against this variant, the vendors say.
Also, Microsoft addressed the vulnerability that Klez exploits in recent patches for IE versions 5.01 and 5.5, which are vulnerable to the worm. Microsoft offers a free download to address those vulnerabilities.
Would you recommend this story? YES NO
- Recommend:
- 0 Comments
-
Speed Up Everything!
PCWorld shows you the secrets to improve performance on all your hardware.
-
Lenovo IdeaPad
See why the IdeaPad tablet is optimized for ultimate entertainment.
-
ThinkPad Edge E420 Lenovo Style in an Affordable Package
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad X120e One of the best netbooks ever, X120e has the best netbook keyboard ever--nothing else comes close
Buy now direct from Lenovo
- 12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
- Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.
-
Android Dodges Apple iOS Address Book Debacle: But not by Much
-
Hacker Suspected in Pentagon, NASA Breaches is Arrested
-
Adobe Confirms New Zero-day Flash Bug
-
How to Become an Ethical Hacker
-
Apple: Apps That Take Your Contact Info Are in Violation, Fix Coming Soon
-
FBI Says Social Media Monitoring Won't Infringe Privacy Rights
-
How to Block Websites
-
Is Your Definition of Security Holding You Back?
-
How Do I See Who's Been Using My PC?
-
Piracy Driven by Overseas Film Release Lag Time, Researchers Say
-
Kill Web Trackers Dead
-
Online Dating Sites: Seek Love, Find Privacy Violations
Ad Choices