-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - From the Symantec website: http://www.symantec.com/avcenter/venc/data/w32.nimda.a@mm.html W32.Nimda.A@mm Discovered on: September 18, 2001 Last Updated on: September 18, 2001 at 08:15:23 AM PDT This is the preliminary information known at this time. There is a new mass-mailing worm that utilizes email to propagate itself. The threat arrives as readme.exe in an email. In addition, the worm sends out probes to IIS servers attempting to spread by using the Unicode Web Traversal exploit similar to W32.BlueCode.Worm. Compromised servers may display a webpage prompting a visitor to download an Outlook file which contains the worm as an attachment. Also, the worm will create an open network share allowing access to the system. The worm will also attempt to spread via open network shares. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.1 Int. for non-commercial use http://www.pgpinternational.com iQA/AwUBO6dyemCxI19Ln0TAEQKqeACcD+s7vfY5gPRyJx/jK0jeP6wdkmsAoPWG bUM6g8DfAJinS+iUuJFJXiO1 =Qn2w -----END PGP SIGNATURE-----