

Beware IE Users - Jpeg Virus in the Wild


Alexander Turcic
09-28-2004, 07:02 AM
If you happen to still use Internet Explorer, you better read this information (http://www.easynews.com/virus.html) at Easynews and seriously consider switching over to Firebird.

Once this virus has overflowed GDI+, phoned home, connected to an FTP site and downloaded almost 2 megs of stuff, it installs another trojan as a service on your Windows machine. Real evil.

The isolated virus file is also available there for download, so you can test if your latest virus killer can detect this one.

Alexander Turcic
09-28-2004, 07:05 AM
I forgot to mention another part also written in the Easynews article:

The virus also installs radmin (radmin.com) running as 'r_server'. From the radmin.com site, "With Radmin you can work on a remote computer exactly as if you were right there at its keyboard."

My Kaspersky AV detected the virus after a signature update and identified it as Exploit.Win32.MS04-028.gen.

Zire
09-28-2004, 01:55 PM
Don't use IE...I'm on Mozilla so hopefully I have nothing to worry about. Also at home I'm using a Mac so don't think anything will happen.

cbarnett
09-28-2004, 06:28 PM
Nasty.... Glad I switched to Firefox too!

Craig.

Chaos
09-29-2004, 01:47 AM
On my Mac I've viewed images that exploit the buffer overflow (which is where the virus stems from), and nothing happened at all (not that I expected it to). It's a Microsoft-product-only hole.

Don't have to worry about it with any form of Unix (MacOS X, Linux, *BSD, etc.), or with Firefox/Mozilla/etc. on Windows.