The W32/Fizzer-A worm, which
can spread via email, file-sharing networks and internet relay
chat, has been found by Sophos researchers to contain a bug which
has reduced its chances of spreading even more widely.
The worm drops a number of files onto infected user's hard
drives and makes changes to the Windows Registry in order that the
files are run when the computer is restarted. However, sometimes
these dropped files do not work correctly and cause the infected
computer to crash.
"Even the least technical people will realise that something is
wrong with their computer if it crashes upon startup," said Graham
Cluley, senior technology consultant for Sophos Anti-Virus. "In
this way the Fizzer worm is its own worst enemy - a more successful
virus would keep quiet about the fact that it has infected you in
order to give it more chance to spread."
Despite the bug in the worm's code Sophos has received many
reports of companies battling Fizzer and advises all businesses to
ensure their anti-virus protection is kept updated. Sophos
Anti-Virus is even capable of detecting the non-viable buggy files
which are dropped by the worm.
"Companies who do not have procedures in place for rapid updates
should implement them now because they are sure to need them
again," continued Cluley. "Viruses like Fizzer quickly bubble to
the surface and can be a significant nuisance."
Sophos recommends customers consider implementing automatic
updates via its Enterprise