Mass Mailing Worm “Wallon” May 18th, 2004

Vinod Kumar

Microsoft is aware of reports of a new mass mailer worm named Wallon that attempts to entice users into visiting a spoofed web site. If visited, a malicious Windows Media Player file, “wmplayer.exe” is downloaded into the user’s machine which overwrites a user’s existing Windows Media Player file. The PC becomes infected and the malicious Windows Media Player executable file is immediately launched. This allows the worm to then send itself to all contacts in a computer’s address book. * Customers running Windows Media Player 7.1, Windows Media Player for XP and Windows Media Player 9 Series on any version of Windows that have not installed MS04-013 are impacted by Wallon if they have received the email and visited the malicious website which appears to users as

www.security-warning.biz.

This worm exploits the vulnerability fixed in Microsoft Security Update MS04-013 on April 13, 2004.

Customers who have applied MS04-013 are protected from infection by Wallon. The MS04-013 security update is available at www.microsoft.com/technet/security/bulletin/ms04-013.mspx or through Windows Update.

Source : Abhishek Kant (MVP Lead)

Tags:

This entry was posted on Tuesday, May 18th, 2004 at 19:49 and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.


One Response to “Mass Mailing Worm “Wallon””

  1. Sudhakar says:

    BTW, abhishek blogs at http://abhishekkant.blogspot.com…cheers :)

Leave a Reply