Security news
Security news29 October 2004
Bagle-AU worm disables Windows XP SP2 firewall, reports Sophos
 |
| The Bagle-AU worm can disable security applications, including the firewall built into Windows XP Service Pack 2. |
Experts at Sophos have warned users that the new W32/Bagle-AU worm attempts to disable security software on infected Windows PCs.
"By turning off firewall protection and other security software the author of the latest incarnation of the Bagle worm is opening up computers to attack," said Graham Cluley, senior technology consultant for Sophos. "Increasingly virus writers are aiming to take over innocent peoples' computers in order to steal, spam or launch denial of service attacks."
Sophos notes that the W32/Bagle-AU worm is capable of turning off the firewall built into Microsoft's recent Windows XP Service Pack 2 update.
"Just because you are running the latest version of Windows XP you shouldn't think you are necessarily protected from this worm," continued Cluley. "If you launch it on a PC running Windows XP SP2 it can turn off your firewall opening the door to hackers and other internet attacks."
Although the W32/Bagle-AU worm was only discovered on 29 October 2004, Sophos anti-virus products have been capable of detecting it proactively through their generic detection capabilities as W32/Bagle-Gen since 22 September 2004, without requiring an update.
Sophos recommends companies protect their email with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.
