I’ve received two valid warnings at the office this morning regarding the following virus:
The risk/incident rate is apparently rising, and they’ve upgraded the threat level, so I thought I’d give you a heads up. Details can be found at the link at the end, and for anyone using Microsoft Internet Explorer (ver 5.01 or 5.5 without SP2).please review the section:
It is common for the attachment name to contain a double-extension (ie. .doc.pif). Outgoing messages look to make use of the Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability (MS01-020) in Microsoft Internet Explorer (ver 5.01 or 5.5 without SP2). Gateway scanner will detect samples using this exploit as Exploit-MIME.gen. or Exploit-MIME.gen.exe.
It refers to a vulnerability with certain versions of Explorer that may cause the attachment to execute automatically, whether you open the attachment purposefully or not.