|
| The Bagle-AU worm can disable security
applications, including the firewall built into Windows XP Service
Pack 2. |
Experts at Sophos have warned users that the new W32/Bagle-AU worm attempts
to disable security software on infected Windows PCs.
"By turning off firewall protection and other security software
the author of the latest incarnation of the Bagle worm is opening
up computers to attack," said Graham Cluley, senior technology
consultant for Sophos. "Increasingly virus writers are aiming to
take over innocent peoples' computers in order to steal, spam or
launch denial of service attacks."
Sophos notes that the W32/Bagle-AU worm is capable of turning
off the firewall built into Microsoft's recent Windows XP Service
Pack 2 update.
"Just because you are running the latest version of Windows XP
you shouldn't think you are necessarily protected from this worm,"
continued Cluley. "If you launch it on a PC running Windows XP SP2
it can turn off your firewall opening the door to hackers and other
internet attacks."
Although the W32/Bagle-AU worm was only discovered on 29 October
2004, Sophos anti-virus products have been capable of detecting it
proactively through their generic detection capabilities as
W32/Bagle-Gen since 22 September 2004, without requiring an
update.
Sophos recommends companies protect their email with a consolidated solution to thwart the virus and spam
threats as well as secure their desktop and servers with
automatically updated anti-virus protection.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.