Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
500 entries found. Displaying page 1 of 25.
Updated on Oct 07, 2008
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Roron.AA@mm is a worm that attempts to send personal information to a remote address. It may spread via e-mail, network shares, or peer-to-peer file sharing.
Alert level: severe
Updated on Mar 03, 2005
Win32/Bagle.A@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds in certain files on the infected computer. The worm is activated when the e-mail recipient opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Mar 03, 2005
Win32/Bagle.B@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Mar 03, 2005
Win32/Bagle.C@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Mar 07, 2005
Win32/Bagle.Q@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends e-mail messages that exploit the Internet Explorer vulnerability covered in Security Bulletin MS03-032. The worm monitors TCP ports for instructions from remote attackers. Win32/Bagle.Q@mm is also a polymorphic file infector.
Alert level: severe
Updated on Mar 07, 2005
Win32/Bagle.R@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends e-mail messages that exploit the Internet Explorer vulnerability covered in Security Bulletin MS03-032. The worm monitors TCP ports for instructions from remote attackers. Win32/Bagle.R@mm is also a polymorphic file infector.
Alert level: severe
Updated on Feb 01, 2005
Win32/Korgo.D.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected systems. A computer infected with this worm may crash and reboot unexpectedly.
Alert level: severe
Updated on Jul 01, 2005
Win32/Randex.BF is a network worm that targets computers running certain versions of Microsoft Windows. The worm scans IP addresses randomly to attempt to spread to writeable network shares that have weak passwords. The worm also has backdoor capabilities that allow attackers to control an infected computer through an IRC channel.
Alert level: severe
Updated on Jan 10, 2005
Win32/Mydoom.A@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor. After February 1, 2004, the worm attempts a denial-of-service (DoS) attack against www.sco.com.
Alert level: severe
Updated on Jan 31, 2005
Win32/Netsky.A@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm is activated when a user opens the e-mail attachment that contains the worm. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm also copies itself to folders on the infected computer.
Alert level: severe
Updated on Mar 07, 2005
Win32/Bagle.S@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends e-mail messages that exploit the Internet Explorer vulnerability covered in Security Bulletin MS03-032. The worm monitors TCP ports for instructions from remote attackers. Win32/Bagle.R@mm is also a polymorphic file infector.
Alert level: severe
Updated on Feb 21, 2005
Win32/Sasser.D.worm is a network worm that exploits the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm targets Windows XP computers that do not have MS04-011 installed. Unlike previous variants, Sasser.D does not work on Windows 2000. Infected computers attempt to spread the worm to other unprotected computers by randomly scanning IP addresses and infecting vulnerable computers. 
Alert level: severe
Updated on Apr 28, 2006
Win32/Sasser.A is a network worm that exploits the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm targets Windows 2000 and Windows XP computers that have not installed the MS04-011 security update. Infected computers attempt to spread the worm to other unprotected computers by randomly scanning IP addresses and infecting vulnerable computers.
Alert level: severe
Updated on Jul 01, 2005
Win32/Randex.FI.worm is a network worm that targets computers running certain versions of Microsoft Windows. The worm attempts to spread by randomly scanning IP addresses for writeable network shares with weak passwords. The worm has backdoor capabilities that allow attackers to control the infected computer through an IRC channel. The worm also restricts some security applications from running on infected computers.
Alert level: severe
Updated on Mar 24, 2005
W32.Mimail.P@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses on the infected computer. When the user opens the attachment, it can display a series of dialog boxes that the worm uses to gather and transmit user credit card information.
Alert level: severe
Updated on Jul 01, 2005
Win32/HLLW.Randex.A is a worm that targets computers running certain versions of Microsoft Windows. The worm generates and scans IP addresses randomly to attempt to spread to writeable network shares that have weak passwords. If your computer is infected by this worm, you may notice crashes or slowdowns during normal operation.
Alert level: severe
Updated on Jul 01, 2005
Win32/Randex.D is a network worm that targets computers running certain versions of Microsoft Windows. The worm randomly scans IP addresses to spread to writeable network shares that have weak passwords. The worm drops a backdoor proxy Trojan that acts as an HTTP proxy that allows attackers to access the infected computer.
Alert level: severe
Updated on Feb 21, 2005
Win32/Sasser.B is a network worm that exploits the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm targets Windows 2000 and Windows XP computers that do not have the MS04-011 security update installed. Infected computers attempt to spread the worm to other unprotected computers by randomly scanning IP addresses and infecting vulnerable computers.
Alert level: severe
Updated on Aug 04, 2005
Win32/Sasser.C is a network worm that exploits the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm targets Windows 2000 and Windows XP computers that do not have the MS04-011 security update installed. Infected computers attempt to spread the worm to other unprotected computers by randomly scanning IP addresses and infecting vulnerable computers.
Alert level: high