Technology Info, Tips, FAQs
You Can Use

Virus Information

W32.Bugbear.B@mm

Virus Alert dd June 05, 2003

Confirmed Virus Alert: http://www.symantec.com/avcenter/venc/data/w32.bugbear.b@mm.html

Last Updated on: June 05, 2003 11:17:46 PM

Due to the number of submissions received from customers, Symantec Security Response has upgraded this threat to a Category 4 from a Category 3 threat.

W32.Bugbear.B@mm worm is:

• A variant of W32.Bugbear@mm.
• A mass-mailing worm that also spreads through network shares.
• Polymorphic and also infects a select list of executable files.
• Possesses keystroke-logging and backdoor capabilities.
• Attempts to terminate the processes of various antivirus and firewall programs.

The worm uses the Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability to cause unpatched systems to auto-execute the worm when reading or previewing an infected message.

Because the worm does not properly handle the network resource types, it may flood shared printer resources, which causes them to print garbage or disrupt their normal functionality.

Symantec Security Response has created a tool to remove W32.Bugbear.B@mm, which is the easiest way to remove this threat.

Also Known As: Win32.Bugbear.B [CA], W32/Bugbear.b@MM [McAfee], PE_BUGBEAR.B [Trend], W32/Bugbear-B [Sophos], I-Worm.Tanatos.b [KAV], W32/Bugbear.B [Panda], Win32/Bugbear.B@mm [RAV]

Type: Virus, Worm

Infection Length: 72,192 bytes

Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me

Systems Not Affected: Windows 3.x, Macintosh, OS/2, UNIX, Linux

CVE References: CVE-2001-0154

back to Technology Content Index

Return to DAWN Ontario

Events Calendar
events, conferences etc

Featured News & Alerts

What's New
additions to the site indexed daily

Contact Us

Sign our Guestbook!

Website created & maintained
courtesy of Barbara Anello

DAWN Ontario
Box 1138 North Bay, ON P1B 8K4