VBS/Davinia-A

Aliases	LittleDavinia WM97/Davinia-A HTML/LittleDavinia
Category	Viruses and Spyware
Type	Worm
What to do	Please contact support for assistance with removal.

Summary

Summary
More Information


Included in our products from	March 2001 (3.43)
Detected by	All Sophos products

More Information

Summary
More Information

Users can be initially infected by this worm by either browsing an infected website or reading an infected HTML email that would attempt to browse an infected website.

The infected website contains code that exploits the Microsoft "Office 2000 UA Control" Vulnerability.

This vulnerability allows websites to run Word macros silently. If macros are allowed to run a Visual Basic Script is dropped that will attempt to overwrite the files in subdirectories of all local and remote network drives.

In addition to a VBS component (detected as VBS/Davinia-A), this worm includes a JavaScript component, detected as JS/Davinia-A, and a Microsoft Word component detected as WM97/Davinia-A.

Get reports about the latest virus and spyware threats delivered to your computer

In this section

VBS/Davinia-A

Summary

More Information