Panda Software, leading antivirus software producer, warns users of a new e-mail virus: W32/Frethem.K. While this e-mail worm carries a rather low threat level, it is spreading rapidly throughout Europe. The e-mail message carries only one subject field: "Re: Your password!" and, as Klez, exploits the vulnerability in Internet Explorer 5.01 and 5.5 that allows the virus to run automatically when the user views the message in the preview pane.
Unlike Klez, the worm carries only one subject line:
Re: Your password!
The text of the message reads as follows:
You can access
DO NOT SAVE
password to disk
use your mind
Attachments (attached files):
The initial variant of this worm, Frethem.G, appeared Saturday, with very few incidents reported. The variant, Frethem.K appeared this morning and is spreading rapidly throughout Europe, with many incidents reported in Denmark, Belgium, Spain and Asia. It is suspected the worm originated in Asia.
Panda Software has updated their signature files to detect and disinfect the Frethem.K worm and its variants. As the subject line is always the same, "Re: Your Password!" content filtering is suggested to prohibit the worm from entering the user's computer. Panda warns all users to exercise caution when viewing e-mail messages and attachments, and to update their virus signature files immediately from their website at: http://www.pandasoftware.com. Users whose computers have been infected by Frethem can download the updated version of the free disinfection tool PQREMOVE from http://www.pandasoftware.com. More information on W32/Frethem.K is available in Panda Software's Virus Encyclopedia at: http://www.pandasecurity.com.
It is also advisable to apply the security patch supplied by Microsoft that fixes the vulnerability exploited by the virus. This can be downloaded from: http://www.microsoft.com/technet/security/bulletin/MS01-020.ASP.
About the International Independent AV Developer:
Panda Software (http://www.pandasecurity.com) is a leading international developer of computer security software for all types of customers: corporate clients, small and medium sized companies and home users. Panda's 100% in-house, cutting-edge technology has received awards and quality certifications from the most widely respected IT security institutions. Panda Software was the first to allow truly automatic, daily signature updates, as well as centralized administration of antivirus protection, both of which have revolutionized the antivirus industry. The quality of Panda Software's products has been endorsed by the major industry watchdogs including Virus Bulletin, ICSA Labs and CheckMark.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.