More disheartening Windows security news, a new virus has been released into the wild and is showing up in inboxes disguised as an IE7 update. While safe mail habits will protect anyone from getting their machine compromised, the threat is still there. Rather than showing up as an attachment, it is an embedded link in a Microsoft-ish image. The true nature of the virus has not yet been fully explained:
The file is actually a new virus called Virus.Win32.Grum.A, and security experts were still analyzing it Friday to see what it does. Sophos PLC said it can spread by e-mailing itself to contacts in a user's address book. The virus tampers with registry files to ensure it gets installed, and it tries to download additional files from the Internet, said Graham Cluley, a senior technology consultant for Sophos.
As late as this morning, there are still some A/V suites that do not pick up on this virus, so be cautious if you rely on them to do all your patrolling for you. The actual servers hosting the infected file are spread out around the world, making it trickier to track the server owners down and get them to clean up their machines. Non-Windows machines are not affected.