Virus watchers are issuing warnings about a new variant of the Worm/Klez.E mass mailing worm that allows an email attachment to be executed by merely viewing the email message in un-patched versions of Microsoft Outlook Express or Outlook.
Worm/Klez.G was discovered on April 17, according to the anti-virus software vendor Central Command. In one 24-hour period late last week, infection reports rose over 325%, the company said.
Symantec and TrendMicro likewise rate the worm and its variants, which include W32.KlezH@mm, as a medium risk, or a 3 on a scale of 1-5, because the worm is highly prevalent in the wild.
Worm/Klez.G searches hard disks on infected systems and randomly attaches a file to each email it sends, thus potentially releasing confidential information from infected users.
The worm uses a number of different subject lines, including: Fw: A nice game, Re: A WinXP patch, Re: Good removal tools, Fw: A humour website, how are you, For more information, please visit.
Microsoft has issued a patch that will protect users against the vulnerability the worm exploits. The patch is available here.
For more information on W32/Klez variants, see the CERT/Coordination Center Web site.