Security news
Security news3 June 2004
Sensible security stops Korgo worm dead in its tracks, Sophos reports
Sophos experts have advised computer users that there is no need to panic about the family of worms known as Korgo, which have gained much media attention in recent days.
The Korgo family of worms distribute themselves in a similar way to the infamous and widespread Sasser worm, by exploiting a critical security hole in Microsoft's software. The security hole, known as the LSASS vulnerability, was first reported by Microsoft on 13 April in Microsoft Security Bulletin MS04-011.
"Anyone who is being infected by the Korgo worms must have slept through the Sasser, Dabber and Cycle worms, which all exploited the same Microsoft vulnerability," said Graham Cluley, senior technology consultant at Sophos. "Any company taking security seriously will have put the Microsoft patch in place and ensured their firewalls are in order weeks ago. Sensible security steps mean that you should have nothing to worry about when it comes to Korgo."
Customers using Enterprise Manager or the Sophos Anti-Virus Small Business Edition were automatically protected against the Korgo worms at their next scheduled update. However, Sophos recommends users who haven't already done so apply the security patch from Microsoft. Home users are advised to visit windowsupdate.microsoft.com.
Sophos suggests computer users sign up for email notification of new virus threats and add a live virus information feed to their websites.
