high
Summary
Summary
Action- More Information
| How it spreads |
|
|---|---|
| Affected operating systems | Windows |
| Characteristics |
|
| Included in our products from | February 2007 (4.14) |
| Protection available since | 20 December 2006 15:37:16 (GMT) |
| Detected by | All Sophos products |
Action
- Summary
- Action
- More Information
Please follow the instructions for removing worms.
More Information
W32/Allaple-B is a network worm for the Windows platform.
W32/Allaple-B spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: SRVSVC (MS06-040), RPC-DCOM (MS04-012), PNP (MS05-039) and ASN.1 (MS04-007) and by copying itself to network shares protected by weak passwords.
W32/Allaple-B searches local disks for HTML files and injects code into them to activate the installed copy of the worm. W32/Allaple-B is a network worm for the Windows platform.
W32/Allaple-B spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: SRVSVC (MS06-040), RPC-DCOM (MS04-012), PNP (MS05-039) and ASN.1 (MS04-007) and by copying itself to network shares protected by weak passwords.
When first run W32/Allaple-B copies itself to <System>\urdvxc.exe.
The W32/Allaple-B is registered as a COM object.
W32/Allaple-B installs itself as a service with the name "MSWindows".
W32/Allaple-B searches local disks for HTML files and injects code into them to activate the installed copy of the worm.
|
