Week In Security: Klez.H Takes Top Spot, Exchange 2000 Flaw


Here's a rundown of some of the events, announcements and other happenings in information security last week:

• Message Labs, a managed e-mail security provider, said it expects the mass-mailing Klez.H to become the biggest virus ever, surpassing SirCam. The company said it tracked 700,000 copies of Klez.H, which surfaced in April. MessageLabs attributed the worm's success to its ability to change its appearance, with varying subject lines and messages, making it harder to detect. The company said it logs more than 20,000 copies of Klez.H daily.

• Microsoft issued a patch for a flaw in Exchange 2000 that could allow an attacker to launch a denial-of-service attack. The vulnerability stems from a flaw in how Exchange 2000 handles mail with certain malformed message attributes, Microsoft said. The company rated the vulnerability as critical.

• SonicWall, Sunnyvale, Calif., rolled out a new product called Complete Antivirus, combining SonicWall's Network Antivirus, which supports automatic systemwide security updates, with McAfee Security's NetShield software for file-server protection and GroupShield software for e-mail servers. SonicWall also announced Server Antivirus for customers that want to upgrade their current Network Antivirus subscriptions to Complete Antivirus. Both solutions are available in one- or two-year subscriptions for licenses ranging from five to 1,000 users.

• eEye Digital Security, a supplier of security software, announced a partnership with Interwork Technologies, a Canada-based distributor of security and connectivity products, to distribute eEye's security products. Aliso Viejo, Calif.-based eEye also launched a new channel program with four partnership levels: authorized, enterprise, distributor and consulting.

• Array Networks, Campbell, Calif., introduced a new version of its Array Web Traffic Manager with SpeedCache Technology to boost performance and a new GUI. The product comes in two versions. Pricing ranges from $3,995 to $39,990, depending on configuration.

• Sophos, an antivirus software company with U.S. headquarters in Lynnfield, Mass., announced Enterprise Manager, which provides automatic distribution of virus updates and simplifies manual updates.