Sober Set To Strike Again

WMF files last week,

Microsoft Wednesday released a security advisory (912920) warning users that the Sober variant may download and run malicious files from certain domains.

The worm infects computers by enticing users to open an attached file or executable program in e-mail. Opening the file or executable will cause the worm to send itself to all the contacts in a system&'s address book. Customers using the most updated antivirus software are at a reduced risk.

The Sober variant illustrates the need for a layered security approach, said Andy Greenawalt, founder and CTO of security solution provider Perimeter Internetworking. Perimeter uses five independent virus scanning engines looking at incoming e-mail for executable and Zip files, which is how the Sober worm is spread. Perimeter is also continuously monitoring hosted gateways to identify suspicious external IP addresses attempting to make connections from the Internet and blocking them at the gateway. "With a layered mechanism, you can address a huge range of problems," Greenawalt said.

Microsoft recommends users who think they are infected with Sober or are not sure whether they are infected, to visit Safety.live.com and choose "Protection Scan" or run the latest version of the Malicious Software Removal Tool from either Microsoft Update or Windows Update to ensure that their systems are free of infection.

id
unit-1659132512259
type
Sponsored post