Nimda Worm Attacks Servers and E-mail Alike
Tuesday, September 18, 2001
A new worm--called Nimda--appeard early last Tuesday. It spreads itself in multiple ways. It attacks Web servers which in turn attack other Web servers. It also propagates across networked drives, making it particularly damaging in networked environments. In addition, it sends mail with an attachment called README.EXE. If you receive a message with the aforementioned attachment, delete it. In addition to these methods, you may also be prompted to download a file, README.EML, while visiting Web sites. Doing so will automatically launch your Outlook Express e-mail client and open up the infected message. To prevent this, do not download the README.EML file when prompted. Currently, none of the major anti-virus products are capable of preventing computers from becoming infected or cleaning infected files.