kornet.net abuse desk is mailing out W32.Nimda.E@mm worm

If you or your staff have dealt with kornet.net (a Korean ISP belonging
to Korean Telecom), and specifically abuse@kornet.net in the past, beware:
It seems that they've been overrun by the brand-spanking-new W32.Nimda.E@mm
worm (**) sometimes late last night.

Specific case in hand: yesterday at 9:40pm EST, I received a mail
with a Subject: line of an UNRELATED abuse issue (hello MFNX/XO/
Above.net :slight_smile: that contains a MIME attachment with an auto-playing
"sound file" of sample.exe , openened in an <iframe> of your favorite
Microsoft email client. Source IP of the mailing : (/24).

Mental note to all abuse desk personnel and publicly visible contacts:
do not use Microsoft, or any other widely used piece of software to
read and process your mail. Auto-adding mail senders to your Outlook
addressbook could be considered a deadly sin. Anti-Virus software
with definitions older than 24 hrs seem to be a real hazard, too.