Saturday, May 26, 2012 Last update: Yesterday, 6:04 PM
U.S. Technology Company News from the Inside

Akonix Security Center Identifies First WMF File Vulnerability Spreading Over Instant Messaging; Working with Major I'm Network

print this article - email to a friend - join our eNewsletter
Submitted by admin on 1/3/2006 @ 4:31 PM
Companies mentioned in this article: Akonix

Akonix Systems, Inc. today identified a new instant messaging (IM) worm named IM-Worm.Win32.Kelvir.WMF.A, which takes advantage of a leading I'm network to spread the newly discovered Windows Meta File (WMF) vulnerability on users' Pcs. The Akonix Security Center classified the worm as medium risk and is working with its I'm network partner to immediately protect customers against this threat.

DESCRIPTION:

The IM-Worm.Win32.Kelvir.WMF.A spreads over a leading I'm network using the link http://(snip)/xmas-2006 FUNNY.jpg. This jpg is actually an HTML page that contains a WMF file, taking advantage of a security vulnerability first identified on December 27. Opening the above link in a browser will infect users' computers by downloading an SDBot that is instructed to download the IM-Worm.Win32.Kelvir.WMF.A virus. In turn, this attempts to re-propagate the worm by using an I'm buddy list.

Since the discovery of the WMF vulnerability one week ago, this is the first time it is being exploited as an IM-based threat. A patch for the WMF security hole is not expected to be issued until Tuesday, January 10. Instant messaging is the easiest way for hackers to take advantage of this security breach because users simply need to click a link in an I'm conversation to get directed to a Web site infecting their machines. Anti-virus software will not likely protect against the worm, so enterprises are advised to warn employees of this potential I'm security risk.

To learn more about the IM-Worm.Win32.Kelvir.WMF.A worm, please visit the Akonix Security Center at www.imsecuritycenter.com.

PREVENTION:

For Akonix L7 Enterprise customers, systems are automatically configured to download and install the latest updates to the Akonix SPIM & Malware Filter, and no IT intervention is required. Akonix L7 Enterprise is the industry's only I'm security system that combines dynamically updated I'm security policies and integrated anti-virus scanning to provide the most comprehensive protection for corporate networks from IM-based attacks.

Other organizations should ensure all desktop computers are updated with the latest security patches, and that all public I'm use is securely managed.

ADDITIONAL INFORMATION:

Akonix Security Center experts are available to comment on the IM-Worm.Win32.Kelvir.WMF.A worm and other real-time security risks. Representatives are able to discuss the rise in I'm threats during 2005, based on the increased use of I'm for business critical communications.

Akonix recently released its Q4 2005 I'm Threat Watch report, which reports that the Akonix Security Center in 2005 issued a total of 233 SPIM and malware filter updates, compared to only eight in 2004, an increase of approximately 2,800%. To receive a copy of the report, please email akonix@lewispr.com.

For more information about the Akonix Security Center, or to sign up for I'm security alerts, please visit www.imsecuritycenter.com.