I am forwarding on information received today from Message Labs of the following new virus:-
Beware of a new email-borne mass-mailing virus
On 1st August 2003, MessageLabs the email security company intercepted copies of a new mass-mailing virus called W32/Mimail.A-mm, and stopped the first copy originating from the United States.
Number of copies intercepted so far: 37,342
Time & Date first Captured: 1st August 2003 12:28GMT
Origin of first intercepted copy: United States
Number of countries seen active: 85 (US 80%; UK 7%)
This file uses a combination of Windows exploits including MS02-015 and MS03-014, to automatically create an executable file on the recipient’s computer and then attempts to run it. W32/Mimail.A-mm is a mass-mailing virus that includes its own SMTP engine. It can collect email addresses from a compromised system by searching through various files on the hard disk.
The virus arrives in an attachment with a .zip extension, and may therefore potentially infect anyone who is only blocking .exe (and similar) attachments. Furthermore, the Zip file consists of an HTML file, which also will not be blocked even by those who block Zip files containing executables.