    
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Network Security
Welcome to our security bulletin for February 2002;
W32/Klex.gen@MM and variants (19th February 2002)
Several recently-discovered instances of this virus have come to light. Although a relatively old virus, it has recently been updated and is particularly unpleasant in that it has the ability to fake the sender's email addresses when mailing out its payload to randomly-selected recipients in the user's WAB (Windows Address Book). The payload, disguised but often an executable, is often rejected by email systems (eg Hermes and Freeserve), the rejected message then being returned to the original faked sender, who not unnaturally becomes somewhat indignant.
Particularily at risk are users with their own machines who have not recently patched IE/Outlook. The virus is spread via shares as well as email. Details of the virus and how to clean it can be found at: http://vil.nai.com/vil/content/v_99237.htm
Recent versions of VirusScan should provide some protection against the virus (DAT 4168 and above), but users are as usual encouraged to update to the current DAT (4186). Note: the full headers of a fake message normally include the name of the machine from which the message was sent, which should help to trace infected machines.
Old security bulletins are stored in our archive
If you have a security issue or are looking for Internet security services, contact us to see what we can do for you.
