Discovered: May 25, 2006
Updated: February 13, 2007 12:55:45 PM
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
W32.Banwarum@mm is a mass-mailing worm that uses its own SMTP engine to send an email to addresses that it gathers from the compromised computer. The worm also spreads through the network by exploiting the Microsoft Windows ASN.1 Library Bit String Processing Variant Heap Corruption Vulnerability (as described in
Microsoft Security Bulletin MS04-007). The worm also opens a back door via HTTP access.
Protection
-
Initial Rapid Release version May 25, 2006
-
Latest Rapid Release version November 23, 2009 revision 049
-
Initial Daily Certified version May 25, 2006
-
Latest Daily Certified version November 24, 2009 revision 005
-
Initial Weekly Certified release date May 31, 2006
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Easy
Damage
Distribution
-
Distribution Level: Medium
Writeup By: Takayoshi Nakayama
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
