WARNING: W32.Bugbear@mm <br />Threat level: Category 4 (Upgraded) <br />Type: <br /> Worm <br />Virus Definitions: September 30, 2002 or later (via LiveUpdate) <br /><br />What is W32.Bugbear@mm and how does it affect me?<br />Due to an increased rate of submissions, Symantec Security Response has upgraded this threat from a Category 3 to a Category 4 as of October 2, 2002. <br />W32.Bugbear@mm is a mass-mailing worm. It can also spread through network shares. It has keystroke-logging and backdoor capabilities. The worm also attempts to terminate the processes of various antivirus and firewall programs.<br /><br />Security Response has seen that because the worm does not properly handle the network resource types, it may flood shared printer resources, which causes them to print garbage or disrupt their normal functionality.<br /><br />The subject and attachment name of incoming emails are randomly chosen. The attachment will have a double extension ending in .exe, .scr, or .pif.<br /><br /> <br /><br />What action can I take from here?<br />Symantec Security Response posted virus definitions to protect against this threat on September 30, 2002 (via LiveUpdate). All users of Norton AntiVirus who do not have up-to-date virus protection should immediately run LiveUpdate for protection from W32.Bugbear@mm. <br /><br />Virus definitions are available via the LiveUpdate feature in the Norton AntiVirus product or the Symantec Security Response Web site.<br /><br />Symantec Security Response encourages all Norton AntiVirus users to regularly download virus definitions in order to protect against future threats. For more information on how to run LiveUpdate, please click here.<br /><br />UPGRADE CUSTOMERS - If you have an older version of Norton AntiVirus and would like to upgrade to Norton AntiVirus 2003, please click here.<br /><br />NEW CUSTOMERS - If you would like to purchase Norton AntiVirus 2003, please click here. <br /><br />Sincerely,<br /><br />Symantec Security Response Team<br />Symantec Corporation