A fast-spreading worm is challenging both network administrators and home users worldwide. Find out how to prevent and remove this new worm.

Nimda is a network-aware, mass-mailing worm that infects both PC Windows users and IIS Web servers. Think of Nimda (W32.nimda.a@mm) as a combination of Code Red and the mass-mailing worm APost. Nimda attacks at least a dozen known vulnerabilities on systems running Microsoft IIS and can also spread via open shares to other connected machines on a network. Compromised Web sites may display a Web page that encourages users to download a file that is actually infected; consequently, the worm can spread on Windows PCs via email. This infection may cause email servers to run slowly or shut down. At this time, antivirus software companies are still analyzing this sophisticated worm.

How it works
One of the ways Nimda arrives is by email with random text in the subject line, no body text, and an attached file called readme.exe.

The other way Nimda spreads is via Internet scan. From an infected IIS Web server, Nimda scans other Web servers looking for other systems vulnerable to the Unicode Web Traversal. Once Nimda gains access to a Web server, it may display a Web page prompting users to download an infected file, allowing Nimda to spread via email to Windows PCs. Microsoft has already announced patches for most of the vulnerabilities that Nimda exploits.

If a Windows PC user opens the attached email file, the worm will use Mailing API (MAPI) functions to read the user's email address book and send out copies of itself to all of the addresses.

Removal
Antivirus software companies are still analyzing this worm and are in the process of updating their signature files to include Nimda. For more information on removing Nimda from your system, see Central Command, McAfee, Sophos, Symantec, and Trend Micro.

Prevention
Follow these steps to contain this worm:

1. Windows PC users: If you haven't already installed it, download the Outlook 98 Security Patch or the Outlook 2000 Security Patch. Please note that these patches do not include Outlook Express.

2. Don't open attachments! One of the best ways to prevent virus infections is not to open attachments, especially when viruses such as this one are actively circulating. Even if the email message is from a known source, be careful. A few viruses take mailing lists from an infected computer and send out new messages with its destructive payload attached. Always scan any attached files for viruses, and unless the attachment is a file or an image you are expecting, delete it.

3. Stay informed. Did you know that there are virus and security alerts almost every day? Keep up-to-date on breaking viruses and solutions by checking out our Security page in News & Technology. For detailes on the latest local information please click on the Breaking News Section.

4. Get protection. If you don't already have virus-protection software on your machine, you should.

5. Scan your system regularly. If you're loading antivirus software for the first time, let it scan your entire system. It's better to start with your PC clean and free of virus problems. Many antivirus programs can be set to scan on periodically or each time the computer is rebooted. Some will scan in the background while you are connected to the Internet. Make it a regular habit to scan for viruses.

6. Update your antivirus software. Now that you have virus protection software installed, make sure it's up-to-date. Some antivirus protection programs have a feature that will automatically link to the Internet and add virus detection code whenever the software vendor discovers a new threat.

Microsoft Outlook! 98 Email Security Update

The Outlook 98 Email Security Update is a significant security enhancement to Outlook 98 that prevents Outlook users from contracting and spreading email viruses. It guards against viruses such as the ILOVEYOU Melissa and NewLove viruses, as well as other viruses that spread themselves through email, or worm viruses that can replicate through Outlook. Note that the enhancements may affect the way you use Outlook and Office. For example, you will no longer be able to open executable or other script-bearing file types via email attachments. There will also be an added step in synchronising some handhelds with Outlook. Microsoft encourages all users of Outlook 98 to install this update.

System Requirements
Microsoft Outlook 98 and Windows 9x, NT, or 2000

Purchase Information
Free

Microsoft Outlook! 2000 Email Security Update

The Outlook 2000 Email Security Update is a significant security enhancement to Outlook 2000 that prevents Outlook users from contracting and spreading email viruses. It guards against viruses such as the ILOVEYOU Melissa and NewLove viruses, as well as other viruses that spread themselves through email, or worm viruses that can replicate through Outlook. Note that the enhancements may affect the way you use Outlook and Office. For example, you will no longer be able to open executable or other script-bearing file types via email attachments. There will also be an added step in synchronising some handhelds with Outlook. Microsoft encourages all users of Outlook 2000 to install this update.

Note: You must have Microsoft Office 2000 SR-1a Update installed to use this update.

System Requirements
Microsoft Office 2000 SR-1a Update, Microsoft Outlook 2000, and Windows 9x, NT, or 2000

Purchase Information
Free

Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved.
ZDNET is a registered service mark of CBS Interactive. ZDNET Logo is a service mark of CBS Interactive.