F-Secure
Tools
Worm:W32/Vobfus.BK
Summary
A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.
Disinfection
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
For more general information on disinfection, please see Removal Instructions.
Additional Details
Worm:W32/Vobfus.BK is the latest variant in the large Worm:W32/Vobfus family (also detected as Trojan:W32/Chinky).
Unlike previous variants, this latest version of the malicious program is able to exploit a recent zero-day vulnerability (CVE-2010-2568) in Microsoft Window's handling of shortcut icons.
For more information on the vulnerability, please refer to Microsoft Security Bulletin 2286198 (http://www.microsoft.com/technet/security/advisory/2286198.mspx).
This malware is also mentioned in our Labs Weblog:
Unlike previous variants, this latest version of the malicious program is able to exploit a recent zero-day vulnerability (CVE-2010-2568) in Microsoft Window's handling of shortcut icons.
For more information on the vulnerability, please refer to Microsoft Security Bulletin 2286198 (http://www.microsoft.com/technet/security/advisory/2286198.mspx).
This malware is also mentioned in our Labs Weblog: