News 

The malware - termed MyWife, Blackmal, Nyxem, the Karma Sutra worm and other names depending on which security firm you speak to - surfaced last month. The malware gets its name by its use of the time honoured technique of promising pornographic files in the attachment, what Microsoft coyly calls at attempt to 'entice users through social engineering efforts'.

Of course it is nothing of the kind and simply installs itself and sends itself on to anyone in the infected machine's address book. It is primed so that on every 3rd day of the month, it will delete a number of crucial files on a system including

ADVERTISEMENT

those with a .doc, .ppt, .xls and .pdf. The software will also attempt to disable the security software from many of the leading vendors including Symantec, McAfee and Kaspersky Labs. Life is further complicated by the appearance of a number of variations since the worm first surfaced.

Although the worm depends on someone opening a file to spread and is strictly speaking not exploiting a vulnerability in Windows, there is a loophole in the system which allows it to spread within networks and overwrite shared folder by accessing Administrator rights through using a blank password.

Oddly enough, users are better off with a blank password for their accounts. Microsoft points out that users of Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003, or Windows Server 2003 Service Pack 1 are less exposed because if the account password is blank, the account cannot be used to log in across a network.

Anyone in doubt about their system should ensure that their security software is updated with the latest signatures. Microsoft is saying that its One Care Live beta is offering detection and protection from the worm.