Sophos advises companies on anti-virus best practice
WAKEFIELD, MASS. - In light of the outbreak of a new variant of
the ExploreZip Worm, Sophos, a world leader in network-based
anti-virus solutions, today said companies must learn the lesson of
previous virus infections and practice safe computing.
"The latest worm, known as W32/ExploreZipB or MiniZip, is
essentially identical to the original version of ExploreZip, which
broke into the wild in June," said Graham Cluley, senior technology
consultant for Sophos Anti-Virus. "It distributes itself via email
in the form of an EXE file attachment. It's disturbing to see that
the virus used precisely the same method of distribution and still
fooled many users."
In most organizations, very few - if any - users need to send
email programs (such as .EXE files). Usually, only a few trusted
staff in the IT department will have a business need to send out or
receive EXEs. By eliminating the exchange of games, screensavers,
greetings cards, pornographic animations and so-called "joke"
programs, users can dramatically reduce the risk of infecting their
computers and their companies' networks with viruses.
Sophos advises companies to not only update their anti-virus
software but also to forbid users from sending or receiving
programs, unless authorized. Technology (including anti-virus
software and firewall/gateway systems) can help enforce this rule,
but the rule has to be known throughout a corporation in order to
be truly enforceable.
Sophos's analysis of the ExploreZipB incident and details of how
companies can best improve their anti-virus policy in the light of
this virus, are described here.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.