|
|
| BASSO |
Alias: |
W32/Wallon.worm.a, I-Worm.Wallon |
| |
Tipo: |
Internet Worm |
| |
Dimensione: |
36,352 Bytes |
| |
Piattaforma: |
Windows 95/98/Me/NT/2000/XP |
| |
|
|
| |
Descrizione: |
Worm/Wallon is an Internet worm that exploits the Microsoft MHTML vulnerability. This vulnerability allows files to be automatically downloaded within MS Outlook Express.
The worm arrives through e-mail in the following format:
Subject: Re
Body:
Contains a fake URL that appears to point to the site, h_ttp://drs.yahoo.com//NEWS
Attachment:
If the system is not patched, it will copy itself to the C:|\ drive under the filename "Alpha.exe". This action will happen without any user interaction. The copied file Alpha.exe reads the user's SMTP setting. It opens the Windows Address Book and the users Outlook Address Book and sends the emails. |
| |
Consigli: |
|
| |
|
|
| |
Link Utili: |
http://punto-informatico.it/salvapc/index.asp |
| |
|
http://www.centralcommand.com/virus_descriptions.html |
|
|
|
