# Net-Worm.Win32.Kido a polymorphic worm, are currently spreading widely



## robis27 (Jul 9, 2009)

*Net-Worm.Win32.Kido*

Status : moderate risk 

Kaspersky Lab has detected that multiple variants of Kido, a polymorphic worm, are currently spreading widely.

Net-Worm.Win32.Kido exploits a critical vulnerability (MS08-067) in Microsoft Windows to spread via local networks and removable storage media.

The worm disables system restore, blocks access to security websites, and downloads additional malware to infected machines.

Users are strongly recommended to ensure their antivirus databases are up to date. A patch for the vulnerability is available from Microsoft (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx).

Detailed descriptions of Net-Worm.Win32.Kido.bt, Net-Worm.Win32.Kido.dv and Net-Worm.Win32.Kido.fx are available in the Virus Encyclopaedia. A dedicated removal tool is available http://support.kaspersky.com/faq/?qid=208279973.


----------

