Virus Poses as Microsoft Security Patch

The W32.Swen.A@mm or W32.Gibe.B@mm (Swen/Gibe) virus couldn't have come at a worst time for Microsoft and computer users in general -- now that software patches to fix buggy code has slowly crept into the public lexicon. After the SoBig and MSBlaster in August made national headlines, security experts now fear the heightened attention will now cause many victims to blindly fall prey to the new masquerade. The new virus, which originated in Europe, has started infected e-mail inboxes in the U.S., arriving with a .EXE attachment with the subject line "Microsoft Internet Update Pack", "Microsoft Critical Patch" or "Newest Security Update". According to Symantec Security Response, the worm uses its own SMTP engine to spread itself and attempts to kill anti-virus and personal firewall programs running on a computer. Swen/Gibe is also capable of exploiting a known Internet Explorer vulnerability to spread via peer-to-peer networks like Kazaa and IRC. Ken Dunham, Malicious Code Intelligence Manager for Virginia-based iDefense, warned that the Swen/Gibe worm "is quickly gaining ground in Europe and has the potential to become very widespread in a short period of time."