Last Updated: 2006-09-27 00:46:05 UTC
by Jim Clausing (Version: 1)
Last Updated: 2006-09-26 20:09:21 UTC
by Robert Danford (Version: 4)
The update can currently be found on Microsoft Update and is titled
Security Update for Windows XP (KB925486)
It is recommended that the patch be applied immediately (after testing) unless a suitable mitigation strategy is in place.
Update: Also, note that if you applied the ACL mitigation (removing Everyone Read access from the DLL), you will need to undo that before this update will apply successfully.
Thanks to everyone that submitted analysis, news, samples, malicious website reports, etc
Last Updated: 2006-09-26 12:29:30 UTC
by Patrick Nolan (Version: 1)
"Periodically checks for both fixed and removable drives starting with drive D: that are attached to the system and copies itself as the following file:
Creates the following file containing instructions to start the worm when the drive is attached to the system:
Please choose a specific diary above to comment