F-Prot Slipping

Raymond Dijkxhoorn raymond at PROLOCATION.NET
Thu Aug 14 07:47:40 IST 2003


Hi!

> worm targets only Windows 2000 and Windows XP machines. While Windows NT and
> Windows 2003 Server machines are vulnerable to the aforementioned exploit
> (if not properly patched), the worm is not coded to replicate to those
> systems. This worm attempts to download the msblast.exe file to the
> %WinDir%\system32 directory and then execute it. The worm has no
> mass-mailing functionality.

Its allready mutated also btw and spreading woth new names now. Most
likely to trick the quick removers that are out currently.

Bye,
Raymond.



More information about the MailScanner mailing list