Sorry, but real virus warning....

[TheRogue]

Got this from our tech admin people today, I know my home ISP admin has been blocking it fairly regularly....

Quote:

ALL EMPLOYEE BULLETIN

To: All Employees
From: Chief, Branch of Information Resources Management
Subject: AEB - Virus Alert: W32/Mimail@MM

There is a new virus out, known as W32/Mimail@MM, that looks like it comes from the administrator of the domain. The current Viruscan installed on our machines should catch this virus if anyone attempts to open the attachment. A Viruscan update that fully supports this virus is due out this afternoon and will be applied to our systesms as soon as it is available. The details of the infected email are as follows:

From: Admin (ADMIN@your_domain)
Subject: your account %user%
Importance: High
Hello there,
I would like to inform you about important information regarding your email address. This email address will be expiring. Please read attachment for details.
--- Best regards, Administrator
Attachment: message.zip

The attached .ZIP file contains a file named MESSAGE.HTM. This file uses the codebase exploit to automatically create the file foo.exe in the Temporary Internet Files folder and run it. The following files are created in the WINDOWS (%WinDir%) directory:
videodrv.exe (19,824 bytes)
exe.tmp (20,445 bytes)
zip.tmp (20,567 bytes)

Please DO NOT try to open the attachment.

If you have received a message like this, delete the email immediately.

<font size="2" face="verdana,arial,helvetica">

[Conspiracy Theory]

This appears to be real. The only reason I responded is there are a lot of times these are hoxes and people get e-mails saying they are real.

Symantec's virus alert