Anti-virus firms have warned of a new computer worm being e-mailed that purports to be security software from Microsoft but tries to disable security programs that are already running.
The worm, dubbed "Swen" or "Gibe," takes advantage of a two-year-old hole in Internet Explorer and affects systems that have not installed a patch for that security hole, according to Internet security company Network Associates.
The malicious program arrives as an attachment to an e-mail pretending to contain a patch for holes in Internet Explorer, Outlook and Outlook Express and then mails itself off to addresses located on the victim's computer.
The worm also can spread over Internet relay chat and the KaZaa peer-to-peer network, as well as copying itself over shared networks, Network Associates said.
When it infects a computer it alerts a website that appears to be counting the infections, according to Symantec, another Internet security company.
Network Associates rated the worm a low risk for corporate users and a medium risk for home users. The company and rival Symantec, among others, areoffering anti-virus updates that detects and removes the worm.
Microsoft has cautioned customers in the past against e-mail software updates, saying it does not distribute patches that way but put them on its website instead.