Code analysis of network worm virus
A worm is a self-contained program (or a set of programs) that can spread copies of itself, or of some of its functions, to other computer systems (usually through a network connection). Note that unlike general viruses, worms do not need to attach themselves to a host program. There are two types of worms: host worms and network worms. Host worms are completely contained in the computer running them and use network connections only to copy themselves to other computers. After adding a copy of itself to another host, a host worm terminates itself (so only one copy of the worm runs at any given time). This kind of worm is sometimes called a "hare". The worm virus generally spreads through a vulnerability on port 1434.

For example, the Nimda virus, which has been very harmful in recent years, is a worm, and the popular "Panda Burning Incense" and its variants from June 5438 to October 2007 are also worms. This virus takes advantage of a vulnerability in Microsoft's Windows operating system. After a computer is infected, it keeps dialing the Internet automatically, spreads by using address information found in files or on the Internet, and eventually destroys most of the user's important data. The general way to prevent and treat worms is to use antivirus software with real-time monitoring and to be careful not to open unfamiliar email attachments.
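Self-propagation of the kind described above appears on the network as one host contacting many distinct addresses on the same port within a short time. The following is an added example, not part of the original page: it flags that fan-out on port 1434 in constructed flow records. The record layout, window and threshold are assumptions.

```python
from collections import defaultdict, deque

WATCH_PORT = 1434        # port named on this page
WINDOW_SECONDS = 10      # assumed sliding-window length
MIN_DISTINCT_DSTS = 20   # assumed alert threshold


def find_fanout_sources(flows, port=WATCH_PORT, window=WINDOW_SECONDS,
                        threshold=MIN_DISTINCT_DSTS):
    """Return {src: peak distinct destinations seen in any window}
    for sources that reach the threshold on the watched port."""
    recent = defaultdict(deque)   # src -> (ts, dst) pairs still inside the window
    peak = defaultdict(int)
    for ts, src, dst, dport in sorted(flows):
        if dport != port:
            continue
        q = recent[src]
        q.append((ts, dst))
        # Drop records that have aged out of the window.
        while q and ts - q[0][0] > window:
            q.popleft()
        peak[src] = max(peak[src], len({d for _, d in q}))
    return {s: n for s, n in peak.items() if n >= threshold}


def sample_flows():
    """Constructed records: (seconds, src_ip, dst_ip, dst_port)."""
    flows = []
    # One host reaching 40 different addresses on the watched port in 4 seconds.
    flows += [(100 + i * 0.1, "10.0.0.23", f"192.0.2.{i + 1}", 1434)
              for i in range(40)]
    # Normal client: repeated traffic to a single database server.
    flows += [(100 + i, "10.0.0.5", "10.0.1.10", 1434) for i in range(40)]
    # Busy host on a different port: outside the rule.
    flows += [(100 + i * 0.1, "10.0.0.8", f"198.51.100.{i + 1}", 443)
              for i in range(40)]
    # Periodic inventory job: one address per minute, stays under the threshold.
    flows += [(100 + i * 60, "10.0.0.9", f"203.0.113.{i + 1}", 1434)
              for i in range(40)]
    return flows


if __name__ == "__main__":
    for src, count in find_fanout_sources(sample_flows()).items():
        print(f"ALERT {src}: {count} distinct hosts on port {WATCH_PORT} "
              f"within {WINDOW_SECONDS}s")
```

Only 10.0.0.23 is reported; the threshold and window should be tuned against normal traffic on the monitored network.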

Actively attacking by exploiting vulnerabilities

The main examples of this kind of virus are "Code Red" and "Nimda", along with "cover letter", which is still raging today. Because of a vulnerability in the IE browser (an iframe executes commands), mail infected with the Nimda virus can be activated without the attachment being opened manually. Previously, even many antivirus experts believed that emails with virus attachments were harmless as long as the attachments were not opened. "Code Red" spreads by exploiting a vulnerability in Microsoft's IIS server software (the idq.dll remote buffer overflow), while the SQL worm attacks by exploiting a vulnerability in Microsoft's database system.

Various ways of spreading

For viruses such as "Nimda" and "cover letter", the available transmission channels include files, emails, Web servers, Internet access, etc.

New virus production technology

Unlike traditional viruses, many new viruses are written with the latest programming languages and techniques, which makes them easy to modify into new variants that evade detection by antivirus software. In addition, these new viruses can lurk in HTML pages and be triggered while the user browses the Internet, using technologies such as Java, ActiveX and VBScript.