Disguised worm evades antivirus software
From Marsha Walton
ATLANTA, Georgia (CNN) -- Computer experts have warned of a computer worm that takes advantage of a flaw in Microsoft's Internet Explorer browser.
The latest problem is called "worm/MiMail.A," also known as W32.Mimail.A@mm.
It's a mass-mailing Internet worm that started spreading late Friday afternoon, and according to Central Command, a computer security company, caught many computer systems administrators by surprise.
"Most corporations have e-mail scanning programs that block the entry of a lot of potentially dangerous programs in incoming e-mails," said Steven Sundermeier of Central Command.
But this worm disguises itself by arriving as a zip file, he said, which most scanning programs allow. A zip file is usually a method of condensing information so it can move faster over the Internet.
If a user clicks on the attachment, the worm is launched and creates a mass-mailing of itself, which may clog mail servers or degrade network performance.
Once the problem was identified, corporate computer administrators began blocking e-mails that contained the "message.zip" attachment.
It's not clear what malicious payload MiMail.A might be carrying. Similar worms and viruses have cost companies money and time because their entire computer systems are slowed and clogged dealing with the problem.
In an unusual move Thursday, the Department of Homeland Security joined antivirus and computer security firms in warning about another vulnerability, this one in Microsoft's Windows operating system software.
The flaw, involving so-called "buffer overflows," can fool software into accepting insecure commands that could let intruders remotely take control of someone else's machine, with free rein to destroy or reformat the hard drive, create or destroy files, or scan the machine for passwords, financial or other personal information.
Government experts said hackers have tested new tools in recent days to seize unsecured computers.
Internet security firms issued similar warnings, saying they've seen increased chatter in hacker discussion groups and chat rooms about how to take advantage of Windows' vulnerability.
The company has already issued a patch to protect users against that vulnerability.
While there have not been reports of intruders using the flaw publicized Thursday, it appears to have much more damage potential.