The CERT Coordination Center publishes incident notes to provide
information about incidents to the Internet community.

<h2>W32/Mimail Virus</h2>

Release Date: August 2, 2003<p>
<h3>Overview</h3>

On Friday, August 1st 2003 the CERT Coordination Center began to
receive an increased number of reports of a new mass mailing virus,
now referred to as W32/Mimail, spreading on the Internet.

<h3>Description</h3>
<p>The W32/Mimail virus is a malicious file attachment containing a
specially crafted MHTML file named 'message.html'. This file is
delivered inside of a .ZIP archive file named 'message.zip'. Viewing
the 'message.html' file on a vulnerable system will cause the
malicious code to be installed and executed. The malicious code is a
mass-mailer.

<p>The email message may look like the following:

</p></p></p>