|
contents | technologies | |||||||
| Protection against W32/MyWife.d@MM!M24 McAfee, Inc., the leader in Intrusion Prevention and Security Risk Management, today announced that it has provided proactive zero-day protection for the W32/MyWife.d@MM!M24 worm, also known as MyWife.d bearing the CME ID of CME-24 (M24 in the abbreviated form), since December 2, 2005, six weeks prior to the discovery of the threat. MyWife.d, which has the alias Blackworm, Blackmal, Nyxem, and Kama Sutra, was profiled Low risk by McAfee AVERT Labs, the world-class research division of McAfee, Inc., on January 17, 2006. Customers have been provided with detection capabilities since the 4642 DAT files. MyWife.d is a mass mailing virus that contains its own SMTP engine to construct outgoing messages, has the ability to spread through open network shares, attempts to lower security settings, disables security software, and overwrites files. The threat activates the third of every month, starting tomorrow, February 3. The worm harvests addresses from local files and then uses the harvested addresses to send itself, producing a message with a spoofed "From" address. "McAfee AVERT Labs maintains its Low threat rating on the MyWife virus and predicts that the data destructive payload will have minimal impact on computer users when it hits on February 3rd, " said Craig Schmugar, virus research manager, McAfee AVERT Labs. "While this threat is a throwback to more destructive worms of past years, and does not mimic the subtleties of many current viruses that are designed to generate income, the number of actual detections and possible infections remains very low." McAfee Solutions With McAfee's Security Risk Management approach, customers can effectively address business priorities and security realities. McAfee's award-winning solutions identify and block known and unknown attacks before they can cause damage. McAfee VirusScan Enterprise 8.0i and McAfee Managed VirusScan plus AntiSpyware provide generic zero-day protection against MyWife.d with the 4642 DATs, and specific variant detection in the 4677 DATs and later. McAfee IntruShield provides protection in signature sets 1.8.68, 1.9.51, 2.1.34 and 3.1.7. McAfee IntruShield sensors deployed in in-line mode can be configured with a response action to drop such packets for preventing these attacks. McAfee Secure Content Management solutions, including McAfee Secure Internet Gateway, McAfee Secure Messaging Gateway, McAfee GroupShield, McAfee SecurityShield(), McAfee WebShield SMTP and McAfee PortalShield(), have also provided generic detection for MyWife.d with the 4642 DATs and specific variant detection in the 4677 DATs and later. System Protection and Cure More information on MyWife.d and the cure for this worm can be found online at vil.mcafee.com. McAfee customers have been proactively protected since the 4642 DAT files released on December 2, 2005 which detected this as W32/Generic.worm!p2p. For customers running at least this DAT file, no action is required. Specific named detection as W32/MyWife.d@MM has already been added since the 4677 DAT release of January 18. McAfee AVERT Labs recommends all customers insure they are running the latest DAT release and schedule full system scans to insure an infection-free environment. McAfee AVERT Labs maintains one of the top-ranked security threat and research organizations in the world, employing researchers in thirteen countries on five continents. The Labs combine world-class malicious code and anti-virus research with intrusion prevention and vulnerability research expertise from the McAfee IntruShield, McAfee Entercept, and McAfee Foundstone Research, and McAfee Foundstone Professional Services organizations. McAfee protects customers by providing deep analysis and core technologies that are developed through the combined efforts of its researchers. write your comments about the article :: © 2006 Networking News :: home page |