Re: New Worm/Variant -- MSDTC32?
From: Jeff Anderson (jeff.anderson_at_usask.ca)
Date: 04/13/04
- Next message: Security Alert: "New Mailing List for HP Security Bulletins Rev.2"
- Previous message: Rob Schneider: "Re: Is Active-X really so bad?"
- In reply to: Jeff Anderson: "Re: New Worm/Variant -- MSDTC32?"
- Next in thread: Ant: "Re: New Worm/Variant -- MSDTC32?"
- Reply: Ant: "Re: New Worm/Variant -- MSDTC32?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 13 Apr 2004 10:22:30 -0600
Jeff Anderson wrote:
> Ant wrote:
>
>> "Jeff Anderson" wrote...
>>
>>
>>> I sent them a sample on Thursday, and they sent out an IDE on Friday
>>> to supposedly provide protection against this variant. It still does
>>> not detect this worm. Here's what Sophos wrote:
>>>
>>> "Name: W32/Agobot-GA [...]"
>>
>>
>>
>> Did you put the IDE in the Sophos Sweep directory? You then need to
>> stop and restart the Sophos services (or reboot).
>>
>> If it then still fails to detect, you should inform Sophos.
>>
>>
>
> We have Sophos configured to update from a Central installation
> Directory (CID) on our server so Sophos has updated from there. The IDE
> is present but not detecting this worm. I will contact Sophos and see
> what's going on.
Ok, so they have finally released an IDE to provide protection. Details can be found here:
http://www.sophos.com/virusinfo/analyses/w32agobotfz.html
- Next message: Security Alert: "New Mailing List for HP Security Bulletins Rev.2"
- Previous message: Rob Schneider: "Re: Is Active-X really so bad?"
- In reply to: Jeff Anderson: "Re: New Worm/Variant -- MSDTC32?"
- Next in thread: Ant: "Re: New Worm/Variant -- MSDTC32?"
- Reply: Ant: "Re: New Worm/Variant -- MSDTC32?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
