03 Jun 2004
Sensible security stops Korgo worm dead in its tracks, Sophos reports
Sophos experts have advised computer users that there is no need
to panic about the family of worms known as Korgo, which have gained
much media attention in recent days.
The Korgo family of worms distribute themselves in a similar way
to the infamous and widespread Sasser worm, by
exploiting a critical security hole in Microsoft's software. The
security hole, known as the LSASS vulnerability, was first reported
by Microsoft on 13 April in Microsoft Security
Bulletin MS04-011.
"Anyone who is being infected by the Korgo worms must have slept
through the Sasser, Dabber and Cycle worms, which all
exploited the same Microsoft vulnerability," said Graham Cluley,
senior technology consultant at Sophos. "Any company taking
security seriously will have put the Microsoft patch in place and
ensured their firewalls are in order weeks ago. Sensible security
steps mean that you should have nothing to worry about when it
comes to Korgo."
Customers using Enterprise Manager
or the Sophos Anti-Virus Small Business
Edition were automatically protected against the Korgo worms at
their next scheduled update. However, Sophos recommends users who
haven't already done so apply the security patch from
Microsoft. Home users are advised to visit windowsupdate.microsoft.com.
Sophos suggests computer users sign up for email notification of new virus
threats and add a live virus
information feed to their websites.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.