FYI Worm Alert!

Tutorials Win: Microsoft Windows Forum

The following may be of interest to those concerned about the safety of their
PCs.
--
Mike Maltby MS-MVP
mcmaltby@hotmail.com


As you may already know, there's a new worm very rapidly spreading, called
Mimail. Antivirus updates are being developed or released as we speak. The
email will look like the one below:

==========================
FROM: admin@yourdomain.com
SUBJECT: your account
ATTACHMENT: message.zip

Hello there, I would like to inform you about important information
regarding your email address.
This email address will be expiring. Please read attachment for details.

Best regards, Administrator
==========================

The usual mitigation techniques should work -- installing updates as they're
released, user education, blocking email or attachments at gateway points
based on any of the characteristics listed above, configuring corporate
firewalls to alert on or block outbound connections on TCP port 25 from all
IP addresses that are not approved internet email servers, etc.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.
A
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.A&VSect=T
http://www.sarc.com/avcenter/venc/data/w32.mimail.a@mm.html
http://vil.nai.com/vil/content/v_100523.htm
Top

Re: FYI Worm Alert! by totojepast

totojepast
Sat Aug 02 06:12:53 CDT 2003

There is a chart available at
http://www.viry.cz/go.php
showing when were the antivirus databases updated - Kaspersky, F-Prot
and Trend Micro seem to be the fastest upgraded antiviruses.

However, was any antivirus able to detect Mimail by a heuristic
analysis or as an HTML exploit?


"Mike M" <No_Spam@Corned_Beef.Only> wrote in message news:<ulTCJNIWDHA.1744@TK2MSFTNGP12.phx.gbl>...
> The following may be of interest to those concerned about the safety of their
> PCs.
> --
> Mike Maltby MS-MVP
> mcmaltby@hotmail.com
>
>
> As you may already know, there's a new worm very rapidly spreading, called
> Mimail. Antivirus updates are being developed or released as we speak. The
> email will look like the one below:
>
> ==========================
> FROM: admin@yourdomain.com
> SUBJECT: your account
> ATTACHMENT: message.zip
>
> Hello there, I would like to inform you about important information
> regarding your email address.
> This email address will be expiring. Please read attachment for details.
>
> Best regards, Administrator
> ==========================
>
> The usual mitigation techniques should work -- installing updates as they're
> released, user education, blocking email or attachments at gateway points
> based on any of the characteristics listed above, configuring corporate
> firewalls to alert on or block outbound connections on TCP port 25 from all
> IP addresses that are not approved internet email servers, etc.
>
> http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.
> A
> http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.A&VSect=T
> http://www.sarc.com/avcenter/venc/data/w32.mimail.a@mm.html
> http://vil.nai.com/vil/content/v_100523.htm
Top