DAWN Ontario: DisAbled Women's Network Ontario

Technology Info, Tips, FAQs
You Can Use

Virus Information

W32.Mimail.A@mm
Virus Alert dd August 2, 2003

 

Beware of a new computer virus/worm, discovered yesterday, which is spreading rapidly by email. Symantec calls the virus "W32.Mimail.A@mm" but it goes by other names as well.

It appears to be a warning message from your Internet provider (e.g. "admin@yourdomain.com")

Subject: your account [random characters]
Attachment: message.zip

The official looking message says your email address will expire and urges you to read the attached message for details. DO NOT click on or open the attachment.

This virus takes advantage of a known security problem in Microsoft Outlook. (Although this problem was fixed in April, many people haven't updated Outlook, so the virus is getting through.)

For complete details from Symantec, follow this link: http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.a@mm.html

For W32.Mimail.A@mm removal tool, follow this link: http://securityresponse.symantec.com/avcenter/venc/data/w32.mimail.a@mm.removal.tool.html

Remember you should never click on or open a file that arrives by email unexpectedly, even if it appears to be from someone you know or trust.

From Symantec

W32.Mimail@mm is a worm that spreads by email, and that steals information from a user's machine. The email has the following characteristics:

Subject: your account %s
Attachment: message.zip

NOTE: %s refers to a variable string.

The threat captures information from certain windows on a user's desktop and emails it to specific mail addresses.

This threat takes advantage of a known vulnerability. Information about this vulnerability and a Microsoft patch is located at: http://support.microsoft.com/default.aspx?scid=kb;en-us;330994

System administrators are encouraged to apply the Microsoft patch to prevent infection by this worm. The worm is packed with UPX.

Virus definitions with a version number of 50801r, also known as August 1, 2003 rev 18, or greater will detect this threat.

Symantec Security Response has created a tool to remove W32.Mimail.A@mm.

Also Known As: WORM_MIMAIL.A [Trend], W32/Mimail@MM [McAfee], Win32.Mimail.A [CA], W32/Mimail-A [Sophos]

Type: Worm
Infection Length: approximately 16kb

Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me

Systems Not Affected: Macintosh, OS/2, UNIX, Linux

 

back to Technology Content Index


Return to DAWN Ontario

Events Calendar
events, conferences etc

Featured News & Alerts

What's New
additions to the site indexed daily

Contact Us

Sign our Guestbook!


Website created & maintained
courtesy of Barbara Anello

DAWN Ontario
Box 1138 North Bay, ON P1B 8K4