In this section

• Home
• Press office
• News archive
• Articles
• 1999
• 12

• Journalists' guide
• News archive

Talk to our experts

• Press contacts

Resources

• Sophos Podcasts
• SophosLabs blog
• Graham Cluley's blog
• Image gallery
• Customer case studies
• Free anti-virus
• White papers
• Awards and reviews
• Industry affiliations

Info feeds

• Security news
• Company news

• Security news
• Company news

What are info feeds?

1 December 1999

ExploreZipB worm: Lessons to be learned

Sophos advises companies on anti-virus best practice

WAKEFIELD, MASS. - In light of the outbreak of a new variant of the ExploreZip Worm, Sophos, a world leader in network-based anti-virus solutions, today said companies must learn the lesson of previous virus infections and practice safe computing.

"The latest worm, known as W32/ExploreZipB or MiniZip, is essentially identical to the original version of ExploreZip, which broke into the wild in June," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "It distributes itself via email in the form of an EXE file attachment. It's disturbing to see that the virus used precisely the same method of distribution and still fooled many users."

In most organizations, very few - if any - users need to send email programs (such as .EXE files). Usually, only a few trusted staff in the IT department will have a business need to send out or receive EXEs. By eliminating the exchange of games, screensavers, greetings cards, pornographic animations and so-called "joke" programs, users can dramatically reduce the risk of infecting their computers and their companies' networks with viruses.

Sophos advises companies to not only update their anti-virus software but also to forbid users from sending or receiving programs, unless authorized. Technology (including anti-virus software and firewall/gateway systems) can help enforce this rule, but the rule has to be known throughout a corporation in order to be truly enforceable.

Sophos's analysis of the ExploreZipB incident and details of how companies can best improve their anti-virus policy in the light of this virus, are described here.

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com