Wallon Worm Skirts Around Windows Patch Release By David Morgenstern May 12, 2004 UPDATED: A new worm, dubbed Wallon.A, arrives on the Internet, requiring a convoluted infection process. Skipping from page to page, the worm arrives on the host following a call to Windows Media Player. The latest exploit of Windows and Internet Explorer found its way into e-mail boxes in Europe on Wednesday with the arrival of the Wallon.A worm. According to security services, the new worm is considered a midrange threat and is continuing to spread in the wild. Wallon.A, reported by several security services such as F-Secure Corp. and Network Associates Inc.'s McAfee business unit, takes advantage of a known vulnerability in Windows. In fact, its rather convoluted action was covered under the security advisory MS04-013, released in April. Wallon's infection process is complicated. Unlike the ordinary e-mail worm that arrives in an attachment to a message, Wallon appears as a link in a message to a Yahoo page. But with redirection, the Yahoo connection leads to another page that delivers an encrypted link to yet another page that delivers a special downloader application. Read more here: http://www.eweek.com/article2/0,1759,1591569,00.asp Copyright =A9 1996-2004 Ziff Davis Publishing Holdings Inc. ~*~*~*~*~ To unsubscribe from our list send an email to hackfix-virusnews-request@xxxxxxxxxxxxx?Subject=unsubscribe. For a complete list of email commands for our list send an email to ecartis@xxxxxxxxxxxxx with a subject line of "info hackfix-virusnews" without the quotes. ~*~*~*~*~