I-Worm.Lentin (Kaspersky Labs)   W32/Yaha.k (McAfee Security)   W32/Yaha-K (Sophos)   W32.Yaha.K@mm (Symantec)   W32/Yaha.M-mm (Message Labs)   WORM_YAHA.K (Trend Micro)   Win32.Yaha.K (Computer Associates)   Yaha.K (F-Secure)  Security advisories:   Computer Associates   F-Secure   Kaspersky Lab   McAfee Security   MessageLabs   Sophos   Symantec   Trend Micro  Free standalone removal tools:   Computer Associates   F-Secure   McAfee Security   Symantec

Security software developers from around the globe have issued virus alerts about a highly infectious new variant of the Yaha worm. The W32.Yaha.K@mm worm, which was discovered on December 24, 2002, has reportedly infected thousands of computers worldwide during the holidays.

Yaha.K can terminate some antivirus and firewall software and users without up-to-date virus definitions are even more exposed to infection. The worm, written in Microsoft's C++ language, carries its own SMTP engine and searches computer systems for the e-mail addresses of potential victims. The virus scours for e-mail addresses popular messaging services (MSN Messenger, Yahoo! Pager, etc.), the user's Windows Address Book, and files with extensions containing "HT".

Although the Yaha worm appears to carry no destructive payload, it could harshly compromise the security settings of thousands of computer systems. Svetlozar Online strongly advises all users to update their antivirus programs' virus definitions to get secure protection against Yaha.K.