Archives - Microsoft worms


On this day in history – Happy99 worm appears spreading through email and usenet

January 20, 1999: The Happy99 worm first appeared. It invisibly attaches itself to emails, displays fireworks to hide the changes being made, and wishes the user a happy New Year. It modifies system files related to Outlook Express and Internet Explorer (IE) on Windows 95 and Windows 98.

On this day in history – The Conficker computer Worm infects Microsoft systems

November 21, 2008: Computer worm Conficker infects anywhere from 9 to 15 million Microsoft server systems running everything from Windows 2000 to the Windows 7 Beta. The French Navy, UK Ministry of Defence (including Royal Navy warships and submarines), Sheffield Hospital network, German Bundeswehr and Norwegian Police were all affected. Microsoft sets a bounty of […]

On this day in history – VBMania computer Worm attacks Microsoft systems

September 9, 2010: The virus, called “here you have” or “VBMania”, is a computer worm that successfully attacked tens of thousands of Windows computers in 2010 when it was sent as a link inside an email message with the text “Here you have” in the subject line. The final extension of the link was hidden […]

On this day in history – Code Red worm attacks Microsoft web servers

July 13, 2001: Code Red was a computer worm observed on the Internet. It attacked computers running Microsoft’s IIS web server. The Code Red worm was first discovered and researched by eEye Digital Security employees Marc Maiffret and Ryan Permeh, the Code Red worm exploited a vulnerability discovered by Riley Hassell. They named it “Code […]

New worm infects removable drives.

Yet another worm that infects removable drives was discovered. The Win32/SillyAutorun.FTW was recently found in the wild. The worm is written with Microsoft Visual Studio and uses injection engine – worm’s code overwrites the original code in memory. When it runs on infected machine, it firstcopies itself to  %ApplicationData%E-73473-3674-74335msnrsmsn.exe; where %ApplicationData% is application data folder […]