diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Win32/Visal.B Mass Mailing Worm with Subject name “Here you have”: Tips for protection on Exchange 2003/2007/2010

Worm:Win32/Visal.B is a new worm, written in Visual Basic, that is currently propagating in part using social-engineering. The mass-mailed messages contain a link that looks as though it points to a .pdf document or .wmv video, but in fact it points to a malicious .scr file. If you run the scr your machine will start sending out thousands of messages. This mail flow will cause some email servers to become unresponsive.

If your using Exchange 2007 and 2010 you can mitigate the spread of this virus by adding a transport rule that drops the message. On exchange 2003 your options are to block this message with subject line rules by blocking subjects that contain “Here you have”. Make sure that these messages are dropped and not quarantined. Also turn off notifications for this rule to make sure you don’t flood your server with notifications.

For already received mail, use ExMerge to remove the messages from mailboxes and delete mail sitting in the queue.


Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...