A new mass-mailing virus is on the loose on the Internet, this one masquerading as a message from Microsoft Corp. about a cumulative security patch. Known as either Swen or Gibe, the virus is mainly found in Europe right now, but anti-virus experts say it has the potential to spread quickly and widely. Like some other recent worms and viruses, Swen attempts to spread through several different methods, including peer-to-peer file sharing networks and IRC channels. It takes advantage of a two-year-old flaw in Microsoft Outlook and is capable of automatically executing the infected attachment once the message is opened.

Swen arrives in an e-mail message with a subject line of "Microsoft Critical Patch" and an executable attachment with a random file name. The message body itself is a somewhat realistic looking HTML message that includes Microsoft's logo and links to the company's Web site. The body instructs the user to install the included attachment, which is described as the "February 2003, Cumulative Patch" for Outlook, Outlook Express and Internet Explorer. The virus then copies itself to the folder used to share files on the Kazaa network, if it exists on the infected machine. Swen applies names to the infected files in the Kazaa folder that make the files appear to be patches for other viruses, such as Bugbear and SoBig, according to an analysis of the virus by iDefense Inc., in Reston, Va.