Security firms Wednesday warned that another virus began making its rounds on the Net this week, and this one is masquerading as a Microsoft security update.
The virus, a mass-mailing worm variously dubbed I-Worm.Gibe, W32/Gibe@mm, WORM_GIBE.A, etc., does not carry a destructive payload, but is capable of installing a backdoor Trojan which allows remote access to an infected system.
Gibe arrives as an attachment named Q216309.exe to a message that begins:
From: Microsoft Corporation Security Center
mailto:rdquest12@microsoft.com]
To: Microsoft Customer
Subject: Internet Security Update
Attachment: q216309.exe
Microsoft Customer,
this is the latest version of security update, the update which eliminates all known security vulnerabilities affecting Internet Explorer and MS Outlook/Express as well as six new vulnerabilities, and is discussed in Microsoft Security Bulletin
MS02-005. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run code on your computer.