A new email worm that targets Microsoft Outlook users is making the rounds on the Internet this week, causing the same sort of problems as earlier Trojan-style hacks such as SirCam. Dubbed W32/BadTrans-B, the new worm doesn't take advantage of a new Outlook vulnerability but attacks known vulnerabilities that Microsoft patched months ago. So although most corporations are already protected against this kind of attack, the W32/BadTrans-B worm seems to be causing considerable problems for home users, many of whom aren't aware of the relevant security updates. For this reason, security experts now consider W32/BadTrans-B to be a high risk.
The worm announces itself with an email containing either a subject line that reads "RE:" or a blank subject line. The messages contain an empty text message and an infected attachment file that could have an image- or music-related three-letter suffix. But the attachment contains the worm, which can automatically execute itself on unprotected systems. The worm then spreads by sending itself to the addresses of any unread email in the user's inbox. W32/BadTrans-B also includes a key-logging program that could send hackers records of any keystrokes the user makes, potentially offering up passwords, credit card numbers, and other personal information.
For more information and download fixes for this worm, visit the Security Administrator Web site.