A number of customers have contacted Sophos technical support
concerned that they may have received a virus via email from
Sophos.
Sophos would like to reassure its customer base that we have not
been infected or sent any viruses to our customers.
The recent W32/Klez-H worm uses its
own SMTP engine, and can appear to have come from any email
address. Some infected messages have a sender field and message
text which imply that the message was sent by a major anti-virus
vendor (the virus can use the names Kaspersky, F-Secure, Symantec
and Trend Micro as well as Sophos).
Sophos Anti-Virus has been capable of protecting against
W32/Klez-H, via detection of its earlier variant W32/Klez-G, since 7
February 2002.
Some customers have also reported receiving an unsolicited email
apparently from Sophos claiming to contain disinfection tools for
the W32/ElKern
virus (the email mistakenly refers to the virus as "W32.Elkern").
These emails contain a copy of the W32/Klez-G worm and, again, do
not originate from Sophos.
Sophos recommends that users do not open or launch unsolicited
executable attachments and keep their anti-virus software
updated.
Computer users are also advised to consider installing a
patch from Microsoft which is
reported to fix a vulnerability in some versions of Microsoft
Outlook, Microsoft Outlook Express, and Internet Explorer. The
vulnerability is exploited by W32/Klez-H and a number of other
viruses.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.