ALARM Group ALERT - click for a description of ALARM, The Computing Alert System Alert Number:  091107-01 Alert Date:  09/11/07 Alert Title:  Worm affects Skype users Update-to:   none OS/Platform/Application:  Skype on Microsoft Windows Computers Category:  ALERT Severity: LOW Attention:  System Administrators, Desktop Support Personnel, Skype users

Summary:  Numerous Internet Security-related resources are reporting the existence of a virus that affects Skype users on Windows systems.  The virus is launched when a user opens a link that is sent to them in a chat message.  At the time of this writing (9:11 AM on Tuesday 9/11/07) there is no fix yet available from Skype to address this vulnerability.

Recommended Actions:  Different chat messages carry the virus; Skype users should exercise extreme caution when using chat and/or consider not opening any chat messages/clicking on any links within chat messages until the vulnerability is resolved.

Several Anti-Virus software vendors have updated their definitions to include this virus.  Skype users are therefore encouraged to update their antivirus software immediately and to be sure that they are updating this software regularly in future in order to detect and/or stop the spread of the virus.

Information on the virus is provided in the links below.

Readers are encouraged to share this alert with family and friends. 

ITS Actions:  At this time, ITS is taking no specific additional actions to address this activity.

Resources:

Information on the virus from Skype:
http://heartbeat.skype.com/2007/09/the_worm_that_affects_skype_fo.html

SANS information (includes a list of some messages associated with the worm):
http://isc.sans.org/diary.html?storyid=3363