Note detection for Aliz has been in both NAV and Scan since May. Detection for Badtrans.B, Scan's 4168 DATs or later are able to detect it. (That's a month ago.) NAV needs an update. Jimmy -----Original Message----- From: Scott Elam To: crime@private Sent: 11/26/01 3:33 PM Subject: CRIME W32.Aliz.Worm The above worm has also just been upgraded to a 4 (out of 5) by Symantec (sorry Jimmy). Have your employees update their virus definitions if they don't normally do it daily. Aliz is a very simple worm but uses the Outlook MIME bug that allows your PC to be automatically exploited. http://www.sarc.com/ Scott -- Scott.Elam@private Sun Microsystems / Network Security Group / Computer Emergency Response Team -------- Original Message -------- Subject: CRIME W32.Badtrans.B@mm Date: Mon, 26 Nov 2001 11:36:49 -0800 From: "T. Sugahara" <sugahara@private> To: <crime@private> If you haven't already heard: W32.Badtrans.B@mm is a MAPI worm that emails itself out as one of several different file names. This worm also drops a backdoor trojan that logs keystrokes. It's current distribution is extremely high. I have received over 50 e-mails with the worm. Please secure your networks against .pif's and .scr's if you haven't already. Apologies if this is a repeat. T. Kenji Sugahara Chief Operations Officer Counterclaim
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:33:13 PDT