virus logo Intrusion Prevention

Trojan.Storm.Worm.HTTP.DoS

description-logoDescription

W32.Storm.Worm arrives on a victim system as a file attached to spam emails, where it loads a malicious service named "wincom32". It seeks out Microsoft Internet Information Services (IIS) systems that have not had the proper security patches applied. Any such systems that it finds are then infected with the worm. The payload of this worm performs a DoS attack on http://www.microsoft.com.

affected-products-logoAffected Products

The following systems are affected:
Windows 95
Windows 98
Windows NT
Windows 2000
Windows Me
Windows XP

Impact logoImpact

System compromise.

recomended-action-logoRecommended Actions

Use antivirus software to scan and clean the system.
Do not open suspicious email.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

Small.DAM W32.Storm.Worm
ID 14809
Created Jul 24, 2007
Updated Apr 24, 2014
Risk black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action pass
Active
Affected OS Windows
Affected App Other