Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
787 entries found. Displaying page 7 of 40.
Updated on Nov 09, 2004
Win32/Msblast.I is a network worm that can spread to a computer running Microsoft Windows 2000 and Windows XP that does not have Security Update MS03-026 or MS03-039 installed. The worm attempts to spread using TCP port 135, UDP port 69, or TCP port 4444. The worm also drops a component that opens a backdoor.
Alert level: severe
Updated on Nov 16, 2004
Win32/Mydoom.F@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor. The worm attempts a denial-of-service (DoS) attack against www.microsoft.com or riaa.com if the date is between 17 and 22 of any month.
Alert level: severe
Updated on Jan 26, 2005
Win32/Korgo.AE.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Update MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may A computer infected with this worm display an LSA crash dialog box and may crash and reboot unexpectedly.
Alert level: severe
Updated on Jan 26, 2005
Win32/Korgo.AF.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Update MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may crash and reboot unexpectedly.
Alert level: severe
Updated on Feb 02, 2005
Win32/Bropia.C.worm is a worm that targets computers running certain versions of Microsoft Windows. The worm spreads and is activated when a user clicks a file that is sent through MSN Messenger or Windows Messenger. The worm drops Win32/Spybot.AT.worm when it runs on a computer.
Alert level: severe
Updated on Feb 16, 2005
Win32/Bropia.I.worm is a worm that targets computers running certain versions of Microsoft Windows. The worm spreads and is activated when a user opens a file that is sent through MSN Messenger or Windows Messenger. The worm drops Win32/Spybot.AY.worm.
Alert level: severe
Updated on Feb 17, 2005
Win32/Bropia.J.worm is a worm that targets computers running certain versions of Microsoft Windows. The worm spreads and is activated when a user opens a file that is sent through MSN Messenger or Windows Messenger. The worm drops Win32/Spybot.AY.worm when it runs.
Alert level: severe
Updated on Apr 14, 2005
Win32/Mytob.Z@mm is a mass mailing worm that targets certain versions of Windows. It spreads to other computers by exploiting Windows vulnerabilities, and through MSN or Windows messenger. The worm also functions as an Internet Relay Chat (IRC) client 'bot' to receive commands from attackers.
Alert level: severe
Updated on Apr 26, 2005
Worm:Win32/Mydoom.AX@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it gathers from the infected computer and from Web site queries. The worm runs when a user opens the e-mail attachment. The worm also has a backdoor component that monitors a TCP port for commands from attackers.
Alert level: severe
Updated on Oct 17, 2005
Win32/Mytob.DA@mm is a mass-mailing network worm that targets computers running certain versions of Windows. The worm can spread through e-mail, network shares, MSN Messenger, and Windows Messenger. It can also spread by exploiting the Windows LSASS vulnerability described in Microsoft Security Bulletin MS04-011. The worm has a backdoor component that connects to an IRC server from an infected computer to receive commands from attackers.
Alert level: severe
Updated on Oct 17, 2005
Worm:Win32/Mytob.FD@mm is a mass-mailing worm that targets computers running certain versions of Windows. The worm spreads by sending a copy of itself as an attachment to e-mail addresses found on the computer.  The worm has a backdoor component that connects to an IRC server from an infected computer to receive commands from attackers.
Alert level: severe
Updated on Oct 17, 2005
Win32/Mytob.DR@mm is a mass-mailing worm that targets computers running certain versions of Windows. The worm spreads by sending a copy of itself as an attachment to e-mail addresses found on the computer.  The worm has a backdoor component that connects to an IRC server from an infected computer to receive commands from attackers.
Alert level: severe
Updated on Nov 02, 2005
Win32/Mytob.DQ@mm is a mass-mailing worm that targets computers running certain versions of Windows. The worm spreads by sending a copy of itself as an attachment to e-mail addresses found on the infected computer. The worm has a backdoor component that connects to an IRC server from the computer to receive commands from attackers.
Alert level: severe
Updated on Nov 23, 2005
Worm:Win32/Mytob.KV@mm is a worm that spreads via e-mail. It also contains backdoor functionality that allows unauthorized access to an affected machine.
Alert level: severe
Updated on Sep 14, 2004
Backdoor:Win32/Rbot.DG is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Alert level: severe
Updated on Oct 13, 2004
Backdoor:Win32/Rbot.AL is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Alert level: severe
Updated on Nov 03, 2004
Backdoor:Win32/Rbot.AY is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Alert level: severe
Updated on Nov 09, 2004
Win32/Mydoom is a family of mass-mailing worms that spread through e-mail. Some variants also spread through peer-to-peer networks. The worm acts as a backdoor Trojan, which allows an attacker to access the infected system. This backdoor may be used to distribute other malicious software. Some variants of Win32/Mydoom launch denial of service (DoS) attacks against specific Web sites. 
Alert level: severe
Updated on Nov 11, 2004
The Win32/Gaobot worm family spreads using different methods, depending on the variant. Some variants spread to machines with weak passwords. Others exploit vulnerabilities to infect machines. Once a machine is infected, the worm connects to an IRC server to receive commands.
Alert level: high
Updated on Nov 19, 2004
Backdoor:Win32/Rbot.BD is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Alert level: severe