 |
| The Netsky worms are named after the Skynet
corporation from the movie The Terminator. |
No need to double-click to be infected by Netsky-V
Sophos researchers have warned customers to ensure their
computers are properly patched against known Microsoft security
vulnerabilities as the W32/Netsky-V worm spreads
without using email attachments.
Whereas other widespread versions of the Netsky worm have
infected users by tempting them to double-click on an email
attachment, W32/Netsky-V exploits security loopholes in Microsoft's
software that mean users can be hit just by reading an email.
Emails containing the exploit attempt to download a copy of the
worm from another user's computer.
"Home users are especially vulnerable to this kind of attack as
their computers are often not properly protected with a personal
firewall or the latest anti-virus updates," said Graham Cluley,
senior technology consultant for Sophos. "Home users should
consider checking out Microsoft's security update website, which can scan your
home PC for security vulnerabilities and suggest which critical
patches need to be installed."
Sophos recommends that customers monitor announcements from
operating system, application and web server software vendors for
details of new vulnerabilities found in their code. Many viruses
have exploited loopholes in commonly used web browsers and email
software to increase their chances of spreading effectively.
Loopholes are found in products on a weekly basis, some
significant, some trivial.
"IT managers should keep abreast of these loopholes and apply
patches where appropriate before new viruses come along to exploit
them," continued Cluley.
Every IT manager responsible for security at a business should
consider subscribing to vulnerability mailing lists such as that
operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.
Other vendors offer similar services.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.