FC: Nasty new "W32/KLEZ.H" worm thrashes Microsoft Outlook users

From: Declan McCullagh (declanat_private)
Date: Sun Apr 28 2002 - 09:44:25 PDT

Next message: Declan McCullagh: "FC: Privacy villain of the week: Sen. Dick Durbin, nat'l ID, and AAMVA"

Previous message: Declan McCullagh: "FC: Replies to cops don't need warrants to bug, track vehicles"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: Sat, 27 Apr 2002 10:45:57 -0400 (EDT)
From: "John F. McMullen" <observerat_private>
To: johnmacsgroupat_private
cc: Dave Farber <farberat_private>, <declanat_private>,
         Open Source Intelligence Network <osintat_private>
Subject: A New Risk to Computers Worldwide

 >From the New York imes --
http://www.nytimes.com/2002/04/27/technology/27VIRU.html?todaysheadlines

A New Risk to Computers Worldwide
by John Schwartz

A rogue computer program that is the online equivalent of a quick-change
artist is infecting computers around the world via e-mail and clogging
computer networks.

The program, W32/KLEZ.H, is a "blended threat," combining elements of a
virus, which infects machines, and a worm, which transports itself from
machine to machine. It also tries to disable some antivirus programs.

It makes itself hard for users to spot by changing its e-mail subject
line, message and name of the attachment at random, drawing from a
database that includes, for example, such subject lines as "Hello, honey,"
and "A very funny website."

The program has grown increasingly common as users unknowingly activate it
sometimes without even opening the e-mail attachment that carries the
virus  and allow it to send copies of itself to those in the victim's
e-mail address file.

"It is exploding," said Keith Peer, chief executive of Central Command, a
computer security company.

The rapid spread of the program caused Symantec and McAfee.com, two
prominent computer protection companies, to upgrade their warnings about
it in recent days; Symantec said on its Web site that it now considered
the program a "category 4" risk, its second-highest ranking.

The program exploits vulnerable spots in computer programs, most notably a
problem in earlier versions of Microsoft's mail programs, Outlook and
Outlook Express, which allows some types of computer programs to be
activated even if they are in the "preview pane."

[...]

-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
Declan McCullagh's photographs are at http://www.mccullagh.org/
-------------------------------------------------------------------------
Sign this pro-therapeutic cloning petition: http://www.franklinsociety.org
-------------------------------------------------------------------------

Next message: Declan McCullagh: "FC: Privacy villain of the week: Sen. Dick Durbin, nat'l ID, and AAMVA"
Previous message: Declan McCullagh: "FC: Replies to cops don't need warrants to bug, track vehicles"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Apr 28 2002 - 11:18:10 PDT