| Security Update |  |
 |
|
'Swen' worm poses as security patchA new worm has the potential to spread quickly because it appears to be a legitimate security update from Microsoft. It uses a vulnerability in Internet Explorer to execute directly from an email message. The virus, which attempts to disable firewall and antivirus software, first appeared on Thursday, September 18th. It installs various files to ensure that it is launched every time the system boots up. It also disables the user's ability to edit the Registry. One of the emails Swen uses to spread is a professional-looking message that appears to come from "MS Technical Assistance", and contains a notification of a "September 2003, Cumulative Patch", along with the virus attachment. Click the following links for more information. 'Swen' worm poses as security patch09.18.2003
F-Secure Virus Descriptions : Swen
zdnet.com 09.18.2003
Virus Information
F-Secure 09.18.2003
Network Associates Please remember that Microsoft does not distribute updates via email attachments. |