A new version of the Lovegate worm (actually Lovgate, but let's not ruin a good story) has begun infecting computers worldwide, including those belonging to several Fortune 500 companies, according to a statement from anti-virus firm McAfee.
Like its predecessors, [email protected] is a mass-mailing worm that spreads through e-mail and network file sharing and by exploiting a previously disclosed vulnerability in the remote procedure call interface in multiple Windows versions. Last year's Blaster worm took advantage of the same flaw. The worm drops a back door on infected systems and also tries to propagate itself on other systems using a variety of methods, including mailing itself using its own SMTP engine, according to the McAfee advisory.
This is the 30th version of the worm, but it's one of only a few that have been assessed as a medium risk by the company. "It's a little bit more successful than the other ones," said Chris Schmugar, virus research manager at McAfee. The company has received reports of infections from several of its major clients, Schmugar said. In some cases, hundreds and even thousands of systems have been infected, he said.
However, all the other anti-virus remain relatively unconcerned by the worm, giving it a low severity rating. You can see how all the companies compare on Secunia's site here. Which begs the question: Is McAfee simply seeking press attention because Network Associates changed its name completely to McAfee last week? We couldn't possibly comment.