Winevar worm sets sites on Symantec


ComputerWire: IT Industry Intelligence

Internet viruses have for some time targeted anti-virus tools with their destructive payloads, but Winevar, which is spreading in the wild this week, tries to execute a denial of service attack against Symantec Corp's web site, an anti-virus firm warned yesterday.

Kaspersky Labs warned that Winevar attempts to remove all security programs, including anti-virus, firewall and debugger software, from memory and disk. It then installs the FunLove virus on the machine and tries to DoS with an HTTP flood.

The virus attempts to exploit two security holes in Internet Explorer, components of which are used to render HTML in email clients including Outlook, to run itself without any required user intervention. If the system is patched but the user launches the attachments anyway, they are also infected.

© ComputerWire

Sponsored: Go beyond APM with real-time IT operations analytics