bagle-i worm

Marco Obaid marco at MUW.EDU
Tue Mar 2 17:47:22 GMT 2004


The worm DOES provide the user with the password :)
Some of our users, as little techie as they are, managed to extract and
execute the zip file ...

Sophos, in my case, has been able to intercept Bagel A through F. For some
reason, it failed to do so for the Bagle.I. I am upgrading Sophos to the March
relesse and will Upgrade MS to latest-stable. Then I will test if Bagle.I will
make it through this time before I re-allow zip attachments on my site.

Quoting Stephen Conway <sconway at WLNET.COM>:

> Good day:
>
> Correct me if I am wrong, but if the zip is password protected, how would
> the end user open it w/o a password?  So should I be worried if some get
> through?  We have clients with slow Satellite connections, so it is
> difficult for them to upgrade their virus defs, so we are there only line of
> defense.  Is there a way for Sophos to scan password protected zip files?
>
> Thanks,
>
> SC
>



More information about the MailScanner mailing list