Kama Sutra worm bent on destruction

The fast-spreading e-mail Kama Sutra worm, also known as Nyxem.E and Grew.A, is raising alarms because its sole purpose is to obliterate the everyday working documents widely used by consumers, students and businesses, reports USA Today.

The worm is designed to destroy all Microsoft Word, Excel, Access and PowerPoint documents and Adobe Acrobat and Photoshop files on all hard drives connected to an infected PC.

The worm appears in e-mail inboxes with subject lines such as "hot movie," "A Great Video" or "Crazy illegal Sex!" enticing the recipient to click on an attachment. One variation makes reference to the ancient Sanskrit book on sexual positions.

By clicking on the attachment, the victim launches a program that disables anti-virus protection. The infected PC then begins to send copies of similarly tainted e-mail to every e-mail address on the victim`s hard drive. It implants a program to erase common work files on the third day of the month, hitting even external data-storage devices connected to the infected PC.

Five makers of security software have created guidelines for defining spyware and testing anti-spyware products, reports CNet.

McAfee, Symantec, Trend Micro, ICSA Labs and Thompson Cyber Security Labs say their guidelines could ultimately result in a standard method that buyers can use to rate and evaluate anti-spyware products.

The software makers are part of a larger organisation, the Anti-Spyware Coalition, which is working to standardise industry terms and technology for battling spyware. Next on the group`s agenda: defining threat naming conventions, intelligence-sharing best practices and emergency information distribution guidelines.

The popular Winamp music player suffers from a zero-day vulnerability that attackers are already exploiting, and a patch is not available, says Danish-based security company Secunia.

Winamp`s Web site currently has no news of the bug, or any information about a possible patch. The site`s support forums also lack any talk of the bug, with the exception of one user who provided a link to the proof-of-concept code.

According to Information Week, Secunia says the bug in Winamp 5.12 is "extremely critical". An attacker can take complete control of a PC by getting a user to download a malicious audio playlist that uses a filename larger than about 1 040-bytes. Because Winamp automatically begins playing a playlist once it is downloaded, hackers could easily attack PCs equipped with the music player.

Accessory maker MacAlly has announced cordless headphones that incorporate their own iPod Nano dock, reports The Register. Like MacAlly`s older Shuffle-connectable headphones, the mTune-N`s right speaker sports a slot for the music player.

The Nano`s clickwheel controls are accessible through a circular hole cut into the side of the slot. The mTune-N`s chunky leather-padded 4cm-cone speakers provide "exceptional" stereo sound, MacAlly says.

While the headphones will only dock with the Nano, they can be connected to any other iPod, MP3 player, computer, TV or hi-fi the conventional way.