16 Sep 2002
Slapper teaches users value of safe hex, says Sophos
Sophos, a world leader in corporate anti-virus protection, is
urging Unix users to tighten up their safe computing procedures in
order to curb the spread of the new Slapper worm (Linux/Slapper-A). This
worm is currently spreading across the internet via unpatched
vulnerablilities in some versions of OpenSSL used on Apache web
servers.
Sophos produced specific protection against the Slapper worm at
09:17 GMT on Saturday, but is reminding Apache web server users
that a patch for the vulnerability has been available since July
2002 from www.openssl.org.
"Unix is becoming more and more popular, with Apache beating
Microsoft IIS as the web server of choice for many companies," said
Graham Cluley,
senior technology consultant at Sophos. "However, this popularity
attracts attention from the cybercrime community, so fans of Unix
need to remember to take security seriously. Instead of waiting for
the next threat to emerge, they should get into the habit of
patching susceptible systems as soon as a fix becomes available.
Pre-emptive safe
computing measures like this would have stopped Slapper in its
tracks."
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.