Netsky-V Worm Slithers Without Email Attachment

Sophos researchers have warned computer users to ensure that their PCs are properly patched against known Microsoft security vulnerabilities as the new Netsky-V worm (W32/Netsky-V) spreads without using email attachments to infect.

Other widespread versions of the Netsky worm have infected users by tempting them to double-click on an email attachment, but Netsky-V exploits security loopholes in Microsoft’s software that mean users can be hit just by reading an email. Emails containing the exploit, which can use subject lines such as ‘Converting message. Please wait…’ and ‘Please wait while loading failed message…’, attempt to download a copy of the worm from another user’s computer.

“Home users are especially vulnerable to this kind of attack as their computers are often not properly protected with a personal firewall or the latest anti-virus updates,” said Graham Cluley, senior technology consultant for Sophos. “Personal computer users should consider checking out Microsoft’s security update website, which can scan home PCs for security vulnerabilities and suggest which critical patches need to be installed.”

Sophos recommends that computer users monitor announcements from operating system, application and web server software vendors for details of new vulnerabilities found in their code. Many viruses have exploited loopholes in commonly used web browsers and email software to increase their chances of spreading effectively.

Loopholes are found in products on a weekly basis, some significant, some trivial.

“IT managers should keep abreast of these loopholes and apply patches where appropriate before new viruses come along to exploit them,” continued Cluley.

Every IT manager responsible for security at a business should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.asp. Other vendors offer similar services.

Home users of Microsoft Windows can visit windowsupdate.microsoft.com to have their systems scanned for Microsoft security vulnerabilities.

Further details about Netsky-V can be found at: