Jump to content
 







Main menu
    


Navigation  


Main page
 Contents
 Current events
 Random article
 About Wikipedia
 Contact us
 Donate
  



Contribute  


Help
 Learn to edit
 Community portal
 Recent changes
 Upload file
  







Search  

































Create account

Log in
 









Create account
  Log in
  



Pages for logged out editors learn more  


Contributions
 Talk
  


















Contents

   



(Top)
  


1 See also  




2 References  




3 External links  













Klez






العربية
 Deutsch
 Lombard
 Nederlands
 Português
 Русский
 Svenska
  
Edit links
  








Article
 Talk
  
















Read
 Edit
 View history
  







Tools
    


Actions  


Read
 Edit
 View history
  



General  


What links here
 Related changes
 Upload file
 Special pages
 Permanent link
 Page information
 Cite this page
 Get shortened URL
 Download QR code
 Wikidata item
  



Print/export  


Download as PDF
 Printable version
  















Appearance
    

 





From Wikipedia, the free encyclopedia
  

For other uses, see KLEZ (disambiguation).

Klez is a computer worm that propagates via e-mail.[1] It first appeared in October 2001 and was originated in China.[2] A number of variants of the worm exist.

The virus (Klez) itself is a Windows PE EXE file of about 65KB, and it operates on WIN32 platforms.[1][2]

Klez infects Microsoft Windows systems, exploiting a vulnerability in Internet Explorer's Trident layout engine, used by both Microsoft Outlook and Outlook Express to render HTML mail.

The e-mail through which the worm spreads always includes a text portion and one or more attachments. The text portion consists of either an HTML internal frame tag which causes buggy e-mail clients to automatically execute the worm, or a few lines of text that attempt to induce the recipient to execute the worm by opening the attachment (sometimes by claiming that the attachment is a patch from Microsoft; sometimes by claiming that the attachment is an antidote for the Klez worm). The first attachment is always the worm, whose internals vary.

Once the worm is executed, either automatically by the buggy HTML engine or manually by a user, it searches for addresses to send itself to. When it sends itself out, it may attach a file from the infected machine, leading to possible privacy breaches.

Later variants of the worm would use a false From address, picking an e-mail address at random from the infected machine's Outlook or Outlook Express address book, making it impossible for casual observers to determine which machine is infected, and making it difficult for experts to determine anything more than the infected machine's Internet Service Provider.

See also[edit]

References[edit]

  1. ^ a b "What is the KLEZ virus? – GMS". Retrieved 2024-04-30.
  • ^ a b "Worm:W32/Klez | F-Secure Labs". www.f-secure.com. Retrieved 2024-04-30.

    • External links[edit]



    Retrieved from "https://en.wikipedia.org/w/index.php?title=Klez&oldid=1230273176"
    Categories: 
    Email worms
     Hacking in the 2000s
     2001 in computing
     Hidden categories: 
    Articles with short description
     Short description matches Wikidata
     Webarchive template wayback links
      


    This page was last edited on 21 June 2024, at 19:06 (UTC).
    Text is available under the Creative Commons Attribution-ShareAlike License 4.0; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a non-profit organization.


    Privacy policy
    About Wikipedia
    Disclaimers
    Contact Wikipedia
    Code of Conduct
    Developers
    Statistics
    Cookie statement
    Mobile view


    Wikimedia Foundation
    Powered by MediaWiki