|
|
Another serious exploit of Microsoft Outlook's address book has recently
been seen on campus.
This virus threat, which the Symantec security response team recently upgraded
to a Category 3, is known variously as W32.Gibe@mm, WORM_GIBE.A, and W32/Gibe-A.
It uses Microsoft Outlook and its own SMTP engine to spread, arriving in an
email message disguised as a Microsoft security update. Unsuspecting users who
open the attached .exe file will become infected and their systems will then
be exposed to remote backdoor intrusions.
If you receive an email with content that resembles the
following, do not open the file attached to the message:
From: Microsoft Corporation Security Center
Subject: Internet Security Update
Message: Microsoft Customer, this is the latest version of security update,
the update which eliminates all known security vulnerabilities affecting Internet
Explorer and MS Outlook/Express as well as six new vulnerabilities
How to install
Run attached file Q216309.exe
Because this virus purports to be a security update, some naive users may be
taken in. Remember, it is never a good idea to open unsolicited attachments
of any kind--especially executable code (.exe files).
It is also essential to keep your antivirus software updated. W32.Gibe@mm was
added to the list of Norton AntiVirus LiveUpdate definitions on March 6. If
you have not installed Norton AntiVirus software or activated LiveUpdate, see
http://micro.uoregon.edu/av/ for
instructions.
To see Symantec's discussion of the virus, go to http://securityresponse.symantec.com/avcenter/venc/data/w32.gibe@mm.html