Skip to main content
CNN International EditionTechnology
The Web    CNN.com     
Powered by
 
 
 
 
 
 
 
 
 
 
 
 
 
ON TV
 
 
 
 
 
 
 

Disguised worm evades antivirus software

From Marsha Walton
CNN


Story Tools

FACT BOX
Here's what users would see in the e-mail carrying the worm:

Subject: your account <account info>

Body:
Hello there,
I would like to inform you about important information regarding your email address. This email address will be expiring. Please read attachment for details.
---
Best regards, Administrator
Attachment: message.zip

ATLANTA, Georgia (CNN) -- Computer experts have warned of a computer worm that takes advantage of a flaw in Microsoft's Internet Explorer browser.

The latest problem is called "worm/MiMail.A," also known as W32.Mimail.A@mm.

It's a mass-mailing Internet worm that started spreading late Friday afternoon, and according to Central Command, a computer security company, caught many computer systems administrators by surprise.

"Most corporations have e-mail scanning programs that block the entry of a lot of potentially dangerous programs in incoming e-mails," said Steven Sundermeier of Central Command.

But this worm disguises itself by arriving as a zip file, he said, which most scanning programs allow. A zip file is usually a method of condensing information so it can move faster over the Internet.

If a user clicks on the attachment, the worm is launched and creates a mass-mailing of itself, which may clog mail servers or degrade network performance.

Once the problem was identified, corporate computer administrators began blocking e-mails that contained the "message.zip" attachment.

It's not clear what malicious payload MiMail.A might be carrying. Similar worms and viruses have cost companies money and time because their entire computer systems are slowed and clogged dealing with the problem.

In an unusual move Thursday, the Department of Homeland Security joined antivirus and computer security firms in warning about another vulnerability, this one in Microsoft's Windows operating system software.

The flaw, involving so-called "buffer overflows," can fool software into accepting insecure commands that could let intruders remotely take control of someone else's machine, with free rein to destroy or reformat the hard drive, create or destroy files, or scan the machine for passwords, financial or other personal information.

Government experts said hackers have tested new tools in recent days to seize unsecured computers.

Internet security firms issued similar warnings, saying they've seen increased chatter in hacker discussion groups and chat rooms about how to take advantage of Windows' vulnerability.

The company has already issued a patch to protect users against that vulnerability.

While there have not been reports of intruders using the flaw publicized Thursday, it appears to have much more damage potential.


Story Tools
Click Here to try 4 Free Trial Issues of Time! cover
Top Stories
Burgers, lattes and CD burners
Top Stories
EU 'crisis' after summit failure
 
 
 
 

CNN US
On CNN TV E-mail Services CNN Mobile CNN AvantGo CNNtext Ad info Preferences
SEARCH
   The Web    CNN.com     
Powered by
© 2005 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
external link
All external sites will open in a new browser.
CNN.com does not endorse external sites.
 Premium content icon Denotes premium content.