SecurityFocus warns of fake Nimda fix
US computer security firm SecurityFocus has warned it is not responsible for an e-mail and file attachment bearing its name,...
In a warning posted to the company's "Incidents" mailing list yesterday, the company said it believes the attachment could be a Trojan horse program that could damage users' systems if opened.
The e-mail claims to come from SecurityFocus and anti-virus firm TrendMicro.
"The messages come with an executable attachment named fix_nimda.exe," the company warned. "Do not run this attachment. These messages do not come from us or TrendMicro, as a quick check of the headers will reveal. Common sense and best practices indicate that you should not execute any code that come[s] via e-mail unless you authenticate the source of the message."
The Nimda worm, reports of which first began flooding into mailing lists and security firms two weeks ago, is a mass-mailed piece of malicious code that infects systems running Microsoft's Windows 95, 98, ME, NT and 2000.
Unlike other worms and viruses, Nimda spreads via both network-based e-mail and Web browsers. It was also written to scan for and exploit back doors left behind by previous viruses such as Code Red and Sadmind.
