New virus preys on old IE flaw

By Ina Fried
Staff Writer, CNET News

Share
- Digg
- Del.icio.us
- Reddit
- Facebook
- Google
- Newsvine
- Yahoo! Bookmarks
- Twitter
- Stumbleupon
E-mail
Print

Related Stories: MSBlast copycat set to pounce, firm says
September 16, 2003; New Windows virus may hit soon
September 10, 2003; Windows flaws allow PC takeover
September 10, 2003

A new e-mail worm has started to spread quickly, taking advantage of an Internet Explorer vulnerability that was first disclosed two years ago.

The bug, which has been alternately dubbed Swen and Gibe.F, appears to exploit a flaw that Microsoft first disclosed in a March 2001 security bulletin.

Ken Dunham, manager of malicious code intelligence for Reston, Va.-based iDefense, said that Swen preys upon people's best intentions, appearing as an e-mail that purports to be a security update from Microsoft.

The worm is programmed to send an official-looking e-mail that says it contains a "cumulative patch" for several Internet Explorer, Outlook and Outlook Express vulnerabilities.



		Get Up to Speed on... Enterprise security Get the latest headlines and company-specific news in our expanded GUTS section.

A Microsoft representative noted that the software maker does not send out patches as e-mail attachments.

In addition to spreading via e-mail, experts said, Swen can be transmitted over services such as Internet relay chat (IRC) and through peer-to-peer networks. The virus turns on file sharing--if it is not already turned on--and creates a shared directory with multiple copies of itself under various file names, said Kevin Haley, a group product manager at Symantec Security Response. Among the files Swen tries to disguise itself as are virus removal tools.

Haley said the social engineering that the virus writer used is most troubling.

"Those things are pretty interesting and pretty dangerous," he said.

The threat posed by Swen is rated fairly low by antivirus companies such as McAfee and Symantec, despite the worm's growing prevalence. "It doesn't look like it is causing a lot of trouble at least right now," Haley said. The threat is somewhat higher for home users and users outside the United States who are more likely to be using older, unpatched software, McAfee said.

"Swen is quickly gaining ground in Europe and has the potential to become very widespread in a short period of time," Dunham said in an e-mail.

The emergence of Swen comes as security companies have warned that a potentially major bug could soon emerge based on a recently disclosed Windows vulnerability. Experts said earlier this week that code that could quickly be used to create such a bug are already being distributed on underground hacker sites.

Latest tech news headlines

Ellison's mantra: Spend, baby, spend
Posted in Coop's Corner by Charles Cooper

October 10, 2008 4:13 PM PDT
President signs broadband data collection bill
Posted in News - Politics and Law by Stephanie Condon

October 10, 2008 3:59 PM PDT
Microsoft to announce Silverlight 2.0 on Monday
Posted in Beyond Binary by Ina Fried

October 10, 2008 3:43 PM PDT
See all headlines

Resource center from News.com sponsors

You Need The Speed of Norton 2009

Introducing Norton Internet Security™2009

With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Inside CNET News

Scroll Left Scroll Right

News - Business Tech
Week in review: Tech stocks tumble
Of course it wasn't just technology stocks that took a dive this week, but industry leaders are doing some serious worrying about what lies ahead.
Gallery
Photos: Cracking open Apple's revamped iPod Nano
News - Apple
Apple, eBay stocks rise as Dow goes on wild ride
Two notable technology stocks swam against the tide Friday, with shares rising in the positive territory for most of the day.
Coop's Corner
Ellison's mantra: Spend, baby, spend
It may be hell out there, but Oracle's chief tells shareholders the company still intends to shop for more acquisitions.
Video
Sprint launches Xohm WiMax
News - Digital Media
YouTube beams up 'Star Trek' for long-form video
YouTube gets Beverly Hills 90210, MacGyver, and Star Trek in a test of longer-form video that's theatrically presented and interrupted by ads.
Video
Talking with Newt Gingrich on tech, bailout
News - Politics and Law
President signs broadband data collection bill
The Broadband Data Act encourages wider collection of information regarding nationwide access to broadband.
News - Cutting Edge
Academics sink teeth into Yahoo search service
Yahoo hopes its Build Your Own Search Service program has piqued the interest of academic researchers. Next stop: start-ups.
Gallery
Photos: Messenger returns to Mercury
Crave
Ubiquitous Netbooks, a cheap Acer, and WiMax cometh: The week in laptops
Netbooks are everywhere (still), this time from Asus and MSI. Also, more cheap laptops and Best Buy's Blue Label. It's the week in laptops!
Green Tech
Urban wind power inspired by ancient Persia
The shape of urban wind power continues to morph. The latest twist come from Windation, a company with a design inspired by centuries-old "wind catchers."