July 17, 2001

Internet worm purports to be a Microsoft security bulletin

Author: JT Smith

Infoworld: "In an announcement on its Symantec Antivirus Research Center (SARC) Web site, Symantec
said that the W32.Leave.B.Worm is a variant of the W32-Leave.worm identified several
weeks ago by the FBI's National Infrastructure Protection Center.

What's new, said Patrick Martin, SARC's development manager, is that this is apparently the
first time that a virus or worm has been distributed using a faked Microsoft security bulletin.
"It's a sneaky way to get on your system," Martin said. "We've just never seen them use the
tactic of a security bulletin as a guise."


  • Linux
Click Here!