Sophos advises companies on anti-virus best practice
WAKEFIELD, MASS. - In light of the outbreak of a new variant of
the ExploreZip Worm, Sophos, a world leader in network-based
anti-virus solutions, today said companies must learn the lesson of
previous virus infections and practice safe computing.
"The latest worm, known as W32/ExploreZipB or MiniZip, is
essentially identical to the original version of ExploreZip, which
broke into the wild in June," said Graham Cluley, senior technology
consultant for Sophos Anti-Virus. "It distributes itself via email
in the form of an EXE file attachment. It's disturbing to see that
the virus used precisely the same method of distribution and still
fooled many users."
In most organizations, very few - if any - users need to send
email programs (such as .EXE files). Usually, only a few trusted
staff in the IT department will have a business need to send out or
receive EXEs. By eliminating the exchange of games, screensavers,
greetings cards, pornographic animations and so-called "joke"
programs, users can dramatically reduce the risk of infecting their
computers and their companies' networks with viruses.
Sophos advises companies to not only update their anti-virus
software but also to forbid users from sending or receiving
programs, unless authorized. Technology (including anti-virus
software and firewall/gateway systems) can help enforce this rule,
but the rule has to be known throughout a corporation in order to
be truly enforceable.
Sophos's analysis of the ExploreZipB incident and details of how
companies can best improve their anti-virus policy in the light of
this virus, are described here.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.