An email worm that can install itself on some computers without requiring the user to click on an attachment has started to infect networks.
Variously called Verona, I-worm.Bleba or Romeo&Juliet, the latter being one of 12 random messages the subject line bears, it exploits a reported hole in Microsoft's Outlook and Outlook Express email clients and its Internet Explorer 5.5 browser.
The worm, discovered in Poland on 16 November, exploits a compressed help file format known as a .chm file, but a report posted to the Bugtraq security list states that users can avoid it by disabling active scripting on their browser settings.
Denis Zenkin, head of corporate communications at Kaspersky Labs, said: "This is similar in form and effect to the music worm, [except that] the user only needs to open the email for it to run."
The worm can be identified by one of its 12 subject headers. These are:
ble bla, ble
I Love you :)
Hey You !
Matrix has you...
Once the user views the email, the worm saves two HTML attachments to c:\windows\temp and begins the process of sending emails to all the addresses in the victim's Microsoft Outlook address book.
Microsoft receives a 30 per cent cut of all purchases on the Xbox digital store
Credit card thieves used Apple ID accounts to buy and sell virtual currency for Clash of Clans and Clash Royale and Marvel Contest of Champions
$5.1bn fine further evidence that the EU is anti-US, claims Trump
New cable will connect Virginia to France