24 Jun 2004
Are you protected against the Korgo worm? asks Sophos
Weeks after Sophos first advised users how to
protect against the Korgo worm, reports are still coming in of
companies being infected by other members of the Korgo virus family.
Over 20 different versions of the Korgo worm have been
discovered by anti-virus experts in the last three weeks, with some
of them problems for unprotected businesses.
The Korgo family of worms distribute themselves in a similar way
to the infamous and widespread Sasser worm, by
exploiting a critical security hole in Microsoft's software. The
security hole, known as the LSASS vulnerability, was first reported
by Microsoft on 13 April in Microsoft
Security Bulletin MS04-011.
"It's extraordinary that new versions of the Korgo worm could
continue to cause problems as they all exploit the same Microsoft
security vulnerability as the hard-hitting Sasser worm," said
Graham Cluley, senior technology consultant at Sophos. "It's
obvious that many businesses and home users have still not applied
the patch from Microsoft, even though it was made available over
two months ago. Anyone taking security seriously should have put
the Microsoft patch in place and ensured their firewalls are in
order."
Customers using Enterprise Manager
or the Sophos Anti-Virus Small Business
Edition were automatically protected against the Korgo worms at
their next scheduled update. However, Sophos recommends users who
haven't already done so apply the security patch from
Microsoft. Home users are advised to visit windowsupdate.microsoft.com.
Sophos suggests computer users sign up for email notification of new virus
threats and add a live virus
information feed to their websites.
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.