[virusinfo] Trend Micro Medium Risk Virus Alert - WORM_WALLON.A

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Tue, 11 May 2004 15:41:32 -0700

From; Trend Micro Newsletters:

As of May 11, 2004, 8:54 AM (GMT -07:00; Daylight Saving Time), TrendLabs
has declared a Medium Risk Virus Alert to control the spread of
WORM_WALLON.A. TrendLabs has received Several infection reports indicating
that this malware is spreading in Germany and EMEA.

This mass-mailing worm exploits certain vulnerabilities found on Windows
systems.
More information about these vulnerabilities can be found on the following
Web sites:

MS04-004:
http://www.microsoft.com/technet/security/bulletin/ms04-004.mspx 
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=MS_IE_VULNERA
BILITIES

MS04-013:
http://www.microsoft.com/technet/security/bulletin/ms04-013.mspx 
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=MS04-013_MS_O
UTLOOK_EXPRESS

This worm exploits these vulnerabilities in order to download various files
into the infected system.


TrendLabs will be releasing the following EPS deliverables:

            TMCM Outbreak Prevention Policy 114
            Official Pattern Release 889
            Damage Cleanup Template 341


For more information on WORM_WALLON.A, you can visit our Web site at:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_WALLON.A


Description:

As of May 11, 2004 8:54 AM (GMT -07:00; Daylight Saving Time), TrendLabs has
declared a medium risk alert to control the spread of this malware. Several
infection reports have been received indicating that this worm is spreading
across Germany and EMEA. 

This mass-mailing worm sends out an HTML-based email message containing a
hyperlink. This link redirects a user to a Web site that downloads some of
this worm's components into the system. 

It gathers its recipients from the local machine's Windows address book
(WAB), then uses the currently logged-on user's email account details for
its spammed email. 

This worm may attempt to download an adware program, open multiple Internet
connections to a porn Web site, and attempt to contact the following email
address, possibly for notification purposes: 

1@xxxxxxxxxxxxxxx
It runs on Windows 95, 98, NT, ME, 2000, and XP.


*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] Trend Micro Medium Risk Virus Alert - WORM_WALLON.A

1. Home
2. virusinfo
3. Archive
4. 05-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---