Sophos researchers have today received a number of enquiries
about a virus called W2K/Stream which uses
Alternate Data Streams (ADS) under Windows 2000.
One security company even compared W2K/Stream to "an AIDS
disease for computers", as others predicted anti-virus companies
will not be able to detect the virus. Sophos users, however, found
it easy to protect themselves.
"To compare a simple computer virus to AIDS is not only
inaccurate, it's in appalling taste," said Graham Cluley, senior
technology consultant for Sophos Anti-Virus. "We can only assume
their intention is to gain newspaper inches and frighten their
users, rather than actually provide sound sensible information
about the true level of the threat."
Although the virus is not in the wild, and is not considered a
threat, Sophos issued an IDE update to protect against it because
of the media interest. This IDE will be incorporated into the main
shipping product in version 3.39.
In this way Sophos Anti-Virus can not only detect the virus via
a regular sweep of your hard drive, but can also provide on-access
protection to prevent accidental infection.
"We have no reports of anyone infected by this virus," said
Graham Cluley. "The biggest problem connected with this virus
appears to be people forwarding the various alerts to each other,
rather than anyone actually being hit."