Sober worm makes a comeback

The Sober.P worm is still spreading fast and made up almost 5 percent of all e-mail traffic on Friday morning, according to a U.K. antivirus company.

Sophos said that the worm accounts for around 77 percent of all virus activity it is seeing. The company said the Sober variant is still spreading, even though large corporations appear to have patched the vulnerabilities that the virus uses to propagate.

"It's lingering around like a nasty smell and spreading in big numbers," said Graham Cluley, senior technology consultant at Sophos. "It's still at the same level in that it's 4.65 percent of all e-mail out there. We can't be sure how many people it's infecting, but we think most big business will be protected."

Worm alert
Sober.P prevention and cure

Learn more about the bilingual worm from CNET.com.

Sophos reported earlier this week that Sober.P appears to turn off Symantec's antivirus protection and the Microsoft Windows XP firewall, probably as a way of preparing computers to distribute spam and to spread itself wider.

"That's probably why it has become widespread so quickly," Cluley said. "(Virus writers) used spam technology to send it out. Now it's just perpetuating."

Sober.P--which security companies have variously tagged as Sober.N, Sober.O or Sober.S--travels as an attachment in e-mails written in English and German. One of the most widely reported e-mails contains an alluring message stating that the recipient has won free tickets to the 2006 World Cup in Germany, but many other types have also been spotted. Once opened, the virus sends itself to e-mail addresses harvested from the infected machine.

Dan Ilett of ZDNet UK reported from London.

Virus,Worms,Exploits, Complete Reporting

The MAC and Linux community would appreciate it greatly if you would go that extra step in reporting these things to the world by including the phrase
"These are ONLY affecting Microsoft PC's" !!!!
"Linux and Mac PC's are not affected"

Thanks....

[aabcdefghij987654321]

So true.

This is NOT an email virus. This is a Windows/Outlook virus. The media people need to harp on this LOUDLY. Microsoft's feet need to be held to the fire everytime this occurs or things won't change.

[catchall]

Give it a rest

What the press needs to SHOUT is that with an up to date anti-virus program, even Windows PC's are no longer affected. This could have been squashed in a day. Then they need to point people to free or low cost antivirus ( <a class="jive-link-external" href="http://www.grisoft.com" target="_newWindow">http://www.grisoft.com</a> )(hint hint wink wink) .
Lets face facts. If the affected users switched to the Mac, virus writers would target the Mac, and easily score. A fool who can't be bothered and is willing to double click anything comming into the inbox on a PC is just as easy a target on anything else.

As I sat there

As I sat there, Symantec's alert pop-up window appeared, alerting me to a fast-spreading problem. I installed the fix &#38; kept on working, using Outlook &#38; Outlook Express.

BFD - there's a fallacy circulating, that if someone is using M$ products, that probably ARE porous, they have security issues. All it takes, is properly security software &#38; hardware &#38; the right settings (no automatic downloads &#38; no automatic running) and things are Hunky Dory.

Sure, M$ have some buggy code - but RULE # 1 - ALL SOFTWARE HAS BUGS. Apple just released a bunch of fixes - apparently not security related, but bugs none the less. There are also issues with Tiger, where it doesn't interact correctly with existing software &#38; where the vendors are having to fix their own software, to deal with Tiger.

So, providing people don't rely on security software that comes with an OS &#38; install &#38; set it up correctly, it IS possible to use buggy applications, like Outlook.