Worm spread through security newsletter

NEWS Security software vendor EMS has been sending out a newsletter that can leave users infected with the Nimda worm. silicon.com was contacted by one of the receivers of EMS's regular newsletter, which features security analysis and information. The newsletter included a link which directed users to a Nimda-infected site. Earlier last month, virus experts were warning surfers to be vigilant as Nimda can be picked up from infected websites, as well as via email. However, EMS was quick to retract its original email and sent out a warning to the recipient list today which said: "One of the defacement sites listed having been checked by one of our technicians has since been infected by the Nimda virus therefore please do not access the following web site [a link to a page on defaced.alldas.de] Apologies, EMS-global Ltd." The Nimda worm, which is still spreading on the internet, attempts to exploit 16 different holes in Windows 2000 and PCs running Windows 95, 98, Me and 2000, and is thought to have originated in South Korea.