A Windows virus masquerading as a security update from Microsoft is spreading via e-mail, warn experts.
Gibe pretends to be information from Microsoft
The worm, dubbed Swen or Gibe, comes as an e-mail attachment and exploits a two-year-old hole in Internet Explorer.
Nearly 35,000 copies of the worm in 82 countries have been reported by one security company, while another has classified it as a high risk.
Computer users are advised not to click on attachments in unknown e-mails and update their systems.
The virus tries to trick people into clicking on it by purporting to be a security update from Microsoft, using a variety of subject line and spoof e-mail addresses.
The worm also can spread over internet relay chat and the Kazaa file-sharing network, as well as copy itself over shared computer networks.
The worm switches off any anti-virus or firewall software and mails itself to addresses it finds on the victim's computer.
Other viruses have posed as messages from Microsoft
The sneaky virus also installs various files to make sure that it is run every time the computer boots up.
According to e-mail filtering firm, MessageLabs, the first copies originated from Slovakia on 14 September, with some later coming from the Netherlands.
It has now intercepted more than 35,000 copies of the worm, with the US being worse hit.
The Gibe worm is just the latest in a series of damaging virus attacks that have caused headaches in recent weeks.
And it is not the first time a virus has tried to pretend to be a legitimate security update from Microsoft.
In May, the Palyh e-mail worm masqueraded as a message from email@example.com.
Microsoft has cautioned customers in the past against e-mail software updates, saying it does not distribute patches that way but rather directs them to its website.