Reported cases of the fifth version of the Nimda worm, Nimda.E, have exploded, although it has only been in the wild since 29 October. This is the fifth modification of the worm since Nimda.A appeared on the Internet on 18 September.
AVS Content Security reported an increase in local Nimda.E activity this morning, while internationally Symantec upgraded the worm's threat status to "3" due to the number of reported infections it has received. Nimda.A still holds a threat of "4", according to Symantec.
Nimda propagates itself through a variety of methods, including e-mail, through a Java applet in infected Web sites, through a local area network, and by attacking IIS Web servers. The latest version includes fixes and optimisation over the original.
Nimda.A accounted for 17.8% of all virus infections last month, second only to the four-month-old Sircam virus, according to Sophos' Top Ten virus report.
Related stories:
Nimda makes enterprise re-evaluate Microsoft servers
Security firm warns of bogus Nimda 'fix'
Nimda promises to rival Melissa, Code Red
Share
