A number of customers have contacted Sophos technical support
concerned that they may have received a virus via email from
Sophos.
Sophos would like to reassure its customer base that we have not
been infected or sent any viruses to our customers.
The recent W32/Klez-H worm uses its
own SMTP engine, and can appear to have come from any email
address. Some infected messages have a sender field and message
text which imply that the message was sent by a major anti-virus
vendor (the virus can use the names Kaspersky, F-Secure, Symantec
and Trend Micro as well as Sophos).
Sophos Anti-Virus has been capable of protecting against
W32/Klez-H, via detection of its earlier variant W32/Klez-G, since 7
February 2002.
Some customers have also reported receiving an unsolicited email
apparently from Sophos claiming to contain disinfection tools for
the W32/ElKern
virus (the email mistakenly refers to the virus as "W32.Elkern").
These emails contain a copy of the W32/Klez-G worm and, again, do
not originate from Sophos.
Sophos recommends that users do not open or launch unsolicited
executable attachments and keep their anti-virus software
updated.
Computer users are also advised to consider installing a
patch from Microsoft which is
reported to fix a vulnerability in some versions of Microsoft
Outlook, Microsoft Outlook Express, and Internet Explorer. The
vulnerability is exploited by W32/Klez-H and a number of other
viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.