Fw: Panda Security Watch - Klez.I - 7.2% of all computers infected

[Guest guest]

- Dan at Panda Software

john_david (AT) jennings39 (DOT) freeserve.co.uk

Monday, April 29, 2002 6:12 PM

Panda Security Watch - Klez.I - 7.2% of all computers infected

Virus Alert

[You are receiving this email because you opted in to Panda Security Watch. To

, ]

Klez.I - 7.2% of All Computers Infected!

Panda Software warns users to be on guard against attacks from the new Klez.I

worm. An independent survey conducted by Panda Software reveals that 7.2% of

computers on the planet have been infected by the many variations of this

highly damaging worm. This makes Klez more rampant world-wide than Sircam or

Nimda were.

Both the subject and the text of the infected e-mail are highly variable, making

Klez.I even more difficult to recognize.

The worm is also designed to spread rapidly by sending itself out via an SMTP

connection to all entries in the Windows address book and any others in the

machine. It is also capable of changing the sender's address to that of any

other found in the system so that the apparent sender of the infected message

may not even have been infected by the worm.

Klez.I also randomly overwrites executable files in the system and releases a

polymorphic virus called W32/Elkern.C, which is capable of infecting a large

number of files. All of this may not cause visible damage during the initial

phases of the attack, so the user might not realize that they have been hit. In

the longer term, however, an infection from this virus could cause problems

which prevent the computer from functioning properly. Klez.I can even block

some applications which are in memory when the attack takes place.

Finally, it is important to remember that the attached file containing the

Klez.I virus executes simply when the message is viewed in the preview pane.

This is due to a known vulnerability in Microsoft Internet Explorer. The

security patch supplied by Microsoft that fixes this vulnerability can be

downloaded from:

http://www.microsoft.com/technet/security/bulletin/MS01-020.ASP. For this

reason, Panda Software advises all users to immediately update their antivirus

signature files BEFORE opening their e-mail programs and reading or previewing

any mail.

Panda Software solutions detect and eliminate both Klez.I and W32/Elkern.C and

the company advises users to update their antiviruses immediately from the

Panda Software website at: http://www.pandasoftware.com.

Given the characteristics of Klez.I, Panda advises users to treat all e-mails

received with caution, even when coming from trusted sources. Any users whose

computers have been affected by Klez.I, can download the updated version of the

free disinfection tool PQREMOVE from the following address

http://www.pandasecurity.com/Disinfect.asp?ID=33, where there is also detailed

information about this virus.

NOTE: The addresses above may not show up on your screen as single lines. This

would prevent you from using the links to access the web pages. If this

happens, just use the 'cut' and 'paste' options to join the pieces of the

URL.Get active about virus protection...Panda ActiveScan is a free online

antivirus tool available to anyone. Updated daily, it offers protection against

even the latest generation viruses. (click here).

ActiveScan is also available to webmasters who want to enchance website appeal

by providing visitors with free and effective virus protection. Administrators

can request the HTML code at

http://www.pandasecurity.com/activescan-for-websites.htm.

Panda Virus Protection Options :

Free Panda ActiveScan

Panda Antivirus Titanium

Panda Global Virus Insurance

Free, one-time, browser-based virus scan, not resident on your system

Permanent virus protection, always resident on your system, and updates

automatically whenever you go on the Internet

Professional, award-winning virus protection for your network

Or Visit Our Web Site :

Network Antivirus | Antivirus for Exchange | Panda Antivirus Platinum | Panda

Antivirus TitaniumDemo Downloads | Buy Software Products | O3 Newsletter |

Services | Why Panda? | Affiliate ProgramHome | Contact Us | Corporate |

International Site | Press