A new version of the Lovegate worm has begun infecting computers worldwide, including those belonging to several Fortune 500 companies, according to a statement from antivirus firm McAfee
Like its predecessors, Lovegate.ad@MM is a mass-mailing worm that spreads through email and network file sharing and by exploiting a previously disclosed vulnerability in the remote procedure call interface in multiple Windows versions. Last year's widespread Blaster worm took advantage of the same flaw.
The worm drops a back door on infected systems and also tries to propagate itself on other systems using a variety of methods, including mailing itself using its own SMTP engine, according to the McAfee advisory.
This is the 30th version of the Lovegate worm, but it's one of only a few that have been assessed as a medium risk by the company. "It's a little bit more successful than the other ones," said Chris Schmugar, virus research manager at McAfee.
The company has received reports of infections from several of its major clients, Schmugar said. In some cases, hundreds and even thousands of systems have been infected, he said.