Office of Information Technology
Home
Calendar
Map
 Home
 Computing
Library
Search

Security: How-To Guides

Security Home Statistics Virus/AntiVirus Policies &tc How-To Guides Get Our Attention
Quick Find

Get Moving


Get Help

Submit an online Remedy Work Order
Send email to helpdesk@umbc.edu
Klez Worm and Variants (9-30-2002)

Summary
Affects:

All Windows Operating Systems
Internet Explorer versions 5.01, 5.5
Type: Worm
Threat: Run code of attacker's choice
Typically replicates over email and network shares
Fix:

McAfee with DAT 4168 (or greater)

Download and install appropriate patches

Incorrect MIME Header Can Cause IE to Execute E-mail Attachment

Patch for Internet Explorer 5.01 and 5.5 Outbound Link

Return to Top


Official Releases

Vendor Reports

McAfee's report Outbound Link
F-Secure's description Outbound Link
Sophos's analysis Outbound Link
Microsoft's Official Announcements & Press Releases

Incorrect MIME Header Can Cause IE to Execute E-mail Attachment: Microsoft Security Bulletin (MS01-020) Outbound Link

More Information
Related Articles
"Klez: Don't Believe 'From' Line" Outbound Link
WiredNews (5-01-2002)

Klez.H (4-18-2002)

OIT's Klez.H Update Notice
(5-01-2002)

The Register's article Outbound Link
(4-17-2002)
Klez.E: CW360o's article
(local cache; 3-6-2002)

What to Do Next

Update McAfee DAT to most recent available
Try the McAfee AVERT Stinger® Tool
A "stand-alone utility used to detect and remove specific viruses" including W32/Bugbear, W32/Elkern, and W32/Klez
Instructions, Download, and FAQ Outbound Link



OIT Security: Footer
NOTE: " Outbound Link" Indicates a link to an external (non-UMBC)

Last modified: 9/22/2003
Office of Information Technology • Main Office: ECS 125 • Phone: 410-455-3838 • Email: oit@umbc.edu