More reasons to beware less of Weapons of
Mass Destruction as much as “Weapons of Precise
Destruction”:
Worm
Wears A 'Patch' For Disguise
http://www.washingtonpost.com/wp-dyn/articles/A38195-2003Sep20.html
Sunday,
September 21, 2003; Page F07
The
latest virus to hit the Web poses as a security update from Microsoft and
takes advantage of a two-year-old weakness in Internet
Explorer.
Disguised
as an official e-mail from Microsoft, the file comes attached to a note asking
the recipient to install a "September
2003, cumulative patch"
to protect against vulnerabilities in Microsoft's Internet Explorer Web
browser and Outlook and Outlook Express e-mail
programs.
If
installed, the program, known as Swen
or Gibe.F,
attempts to disable firewall and antivirus software, gather password
information and replicate itself via e-mail, as well as the Kazaa peer-to-peer
network and Internet Relay Chat
instant-messaging.
Internet
security firms are reporting a wide distribution of the worm online; McAfee
Security rated the malicious program a "medium" risk to home users and a "low"
risk to corporate users, who are more likely to have updated security
software.
The
virus-laden e-mail looks like an authentic missive from the Redmond, Wash.,
software developer (aside from a few grammatical errors), but a spokeswoman
for Microsoft said this week that it doesn't send security updates in e-mail.
They're all distributed through Microsoft's Web site (windowsupdate.microsoft.com).
The
Swen virus could affect users running Windows 95, Windows 98, Windows Me,
Windows NT, Windows 2000 and Windows XP. It does not affect other operating
systems. -- Mike Musgrove
