Lunarpages Web Hosting Forum

Author Topic: KLEZ Worm now Medium Risk  (Read 1582 times)

Offline TWebMan

  • Quantum Encyclopedia Writer
  • *****
  • Posts: 3047
    • Take charge of your site
KLEZ Worm now Medium Risk
« on: May 04, 2002, 08:00:00 AM »
This virus is spreading rather quickly lately.  It is a worm that sends itself to a user's address book to spread.  But unlike others, it may spoof the FROM address, making it look like it's someone else (mail headers will show true origin.
THIS BUG AUTO-EXECUTES when attached in Outlook/Outlook Express IF you don't have your security settings correct.  Take a look at:

This is a nasty little bug.  Besides infecting executables and degrading system performance, here's what AVERT says:
"There is a date-activated payload associated with this threat. On the 6th day of March, May, September, or November, the virus may overwrite local and network files containing the following extensions, with zeros: .txt, .htm, .html, .wab, .doc, .xls, .jpg, .cpp, .c, .pas, .mpg, .mpeg, .bak, or .mp3."

When a file is overwritten with zeros, it's pretty much gone.

[ May 04, 2002: Message edited by: TWebMan ]

"Computers cause people to make more mistakes than any other invention in history, with the possible exception of handguns and tequila."  - Unknown
"Liberty of any kind is seldom lost all at once." - D. Hume
Every day is an Ode to Joy
The planet will be fine... and so will your site