01 Oct 2002
Sophos says simple steps stop Bugbear worm dead in its tracks
Sophos, a world leader in corporate anti-virus protection, is
advising IT managers that the new "Bugbear" worm is definitely
spreading.
"The W32/Bugbear-A worm
spreads by sending itself in emails, and by copying itself around
your network," said Paul Ducklin, Head of Global Support at Sophos.
"In this respect, it is much like Klez and ElKern, which are the
chart-topping viruses of 2002 so far. So the bottom line on Bugbear
is that simply following best practice guidelines for
'Safe Hex' will give you pretty complete protection against
it."
Sophos suggests that you take the following steps:
Update your corporate anti-virus now so that you can detect and
prevent the Bugbear virus. If you do not have procedures for rapid
updates, implement them now, because you are sure to need them
again. Sophos Enterprise Manager is one
way to help automate protection updates inside your company.
If possible, block all Windows programs at your email gateway.
It is rarely necessary to allow users to receive programs via
email. There is so little to lose, and so much to gain, simply by
blocking all mailed-in programs, regardless of whether they contain
viruses or not. Sophos MailMonitor for
SMTP contains threat reduction technology which can help you
block dangerous filetypes and executable code at the email
gateway.
Deploy updated versions of Outlook, Explorer and Outlook Express
on all your computers. W32/Bugbear-A exploits two vulnerabilities
for which patches have been available for over a year. If you do
not have procedures for applying patches for security
vulnerabilities, implement them now.
Urge your users to act as good custodians of their computers.
Technologies such as mail filtering, firewalling and anti-virus are
not "fit-and-forget" solutions. They do not absolve users from the
need to act responsibly, especially when dealing with unexpected
emails containing attachments.
Practising safe
computing helps you to stay safe. But it also has a positive
effect on everybody else: if you do not get infected in the first
place, you will not embarrass yourself by blasting copies of the
latest virus out to your customers, prospects, colleagues and
friends.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.