Started to appear last Tuesday... there is a new variant of last year's bugbear worm.

W32/Bugbear.B@MM worm spreads via e-mail and network shares.

article....

[b]Bugbear PC worm spreading fast [/b]

[i]Variant attacks security systems through Inernet Explorer, could cause loss of confidential data. [/i]

[url]http://money.cnn.com/2003/06/05/technology/bugbear.reut/[/url]

SEATTLE (Reuters) - A variant of the Bugbear worm, which spread around the Internet last October, opening back doors on computers and logging keystrokes, has started to infect users around the world, putting them at risk of losing confidential information.

The Bugbear variant is better at using addresses in a user's e-mail program, sending itself to those addresses using the infected user's identity, said David Emm a marketing manager for Network Associates Inc.'s Anti-Virus Emergency Response Team.

The new worm also sends mail with familiar subject lines such as "Interesting...", "Just a reminder" and "Hi!" to try and get any recipients to open e-mail containing the worm.

Once activated, the Bugbear variant tries to disable security programs and starts to snoop on an infected system.

"There's potential for confidential data to be lost," Emm said.

Bugbear takes advantage of a known vulnerability in Microsoft Corp.'s (MFST: Research, Estimates) Internet Explorer and can be run automatically simply by reading the e-mail and not opening the attachment. It also can spread via other e-mail programs, but it will not automatically be run in the same way.

Bugbear first emerged Tuesday, but has begun to pick up steam since then, computer security analysts said.

Several computer security firms have developed security patches for the worm that can be downloaded to prevent infections.

also, there is a new new patch available = [url]http://v4.windowsupdate.microsoft.com/en/default.asp[/url]

I've known about this little vulnerability for years, and MS still has not corrected it... maybe they can be held liable, financially? hehe