W2K/Stream: No panic for Sophos users

Sophos Press Release

Sophos researchers have today received a number of enquiries about a virus called W2K/Stream which uses Alternate Data Streams (ADS) under Windows 2000.

One security company even compared W2K/Stream to "an AIDS disease for computers", as others predicted anti-virus companies will not be able to detect the virus. Sophos users, however, found it easy to protect themselves.

"To compare a simple computer virus to AIDS is not only inaccurate, it's in appalling taste," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "We can only assume their intention is to gain newspaper inches and frighten their users, rather than actually provide sound sensible information about the true level of the threat."

Although the virus is not in the wild, and is not considered a threat, Sophos issued an IDE update to protect against it because of the media interest. This IDE will be incorporated into the main shipping product in version 3.39.

In this way Sophos Anti-Virus can not only detect the virus via a regular sweep of your hard drive, but can also provide on-access protection to prevent accidental infection.

"We have no reports of anyone infected by this virus," said Graham Cluley. "The biggest problem connected with this virus appears to be people forwarding the various alerts to each other, rather than anyone actually being hit."




More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.