Microsoft is warning of a computer worm that exploits a flaw in its Internet Explorer browser. A security bulletin on the company's Web site says Microsoft is investigating a "mass mailer worm," dubbed W32/Mimail(at)MM.
The bulletin says the worm spreads through e-mail if recipients open an attached zip file, then open an HTML file inside the zip file.
A Microsoft spokesman is trying to downplay the worm's potential to cause major security problems, calling the damage "simply an annoying e-mail." Microsoft's Web site directs customers to a security patch designed to fix the problem.
Government and industry experts are increasingly concerned about brewing hacker activity they consider a precursor to a broad Internet attack that will target a serious flaw in Windows software from Microsoft.
Experts advised computer users with renewed urgency to apply a free repairing patch that Microsoft has offered on its Web site since July 16, when it acknowledged that the flaw affected nearly all versions of its flagship Windows operating system software.
The Homeland Security Department cautioned last week that hackers in recent days have successfully tested new tools to seize control of such vulnerable computers over the Internet, stealing data, deleting files or eavesdropping on e-mails. The government also said it had detected an "Internet-wide increase in scanning" for victim computers.
Security companies guarding government and corporate networks have identified sporadic break-in attempts worldwide using such tools and monitored hackers in discussion groups and chat rooms exchanging tips about how to improve the effectiveness of their programs.
Applying Microsoft's repairing patch takes a few moments for home users but is a more daunting challenge for large corporations with tens of thousands of Windows computers — leading to a race against hackers for frazzled computer administrators.
"People are definitely aggressively trying to patch this," said Ken Dunham, an analyst at iDefense Inc., an online security company. "But a large rollout may need to take some time."
Researchers' biggest fears — that hackers will quickly unleash automated "worm" software that attacks large numbers of computers within minutes — have so far been unrealized. Although a major hacker convention, known as "DefCon," takes place this week in Las Vegas, experts said an attack could be launched within days, weeks or months.
"Everybody is predicting a widespread event, going from zero to 60 very quickly," said Dan Ingevaldson, an engineering director for Atlanta-based Internet Security Systems Inc. He estimated the likelihood of a major Internet attack as "closer to imminent than probable."