W32/Badtrans.B@mm
| W32/Badtrans.B@mm |
Destructivity:  Spreading:  Overall risk: 
|
| • Detected by virus detection files published: 11/24/2001 | • Type: Worm |
| • Virus characteristics first published: 11/24/2001 | • Spreading mechanism: Email |
| • Virus characteristics latest update: 12/18/2003 | • Overall risk: Low |
| • Alias: | • Payload: Backdoor functionality |
| • Infection type: Microsoft Windows 95/98/98 SE/ME/NT 4/2000/XP/2003/Vista |
| Virus type |
Spreading mechanism |
Destructivity and payload |
Additional descriptions |
Detection and removal |
||||||||||
|
This worm, similar to the recent W32/Aliz and W32/Nimda worms, uses a special trick to execute even if a mail is just opened or previewed in Outlook/Outlook Express. This is accomplished using a known security hole "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment". Information and patch is available from: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp The security hole is a known issue with Internet Explorer versions 5.01 and 5.5 without SP2 . Users who have this configuration should apply the available patch. |
||||||||||||||