HomeProductsServicesDownloadSupportNewsPartnersPurchaseContact
 

PRESS RELEASE
Norman Data Defense Systems
Oslo, 19 September 2003

New email worm spreading rapidly

Norman Virus Control's new Sandbox technology stopped the worm even before the update, under the general diagnostic W32/P2PWorm.

CORPORATE NEWS

Latest News
News archive

INFORMATION
Products & Solutions
QUESTIONS? CONTACT US
Norman Data Defense Systems today issued a high alert for the new fast-spreading worm W32/Swen.A. This worm spreads through email, networks and chat programs. It uses a vulnerability in unpatched versions of Internet Explorer to execute without user interference to open the email attachment. Microsoft provided a patch for this vulnerability in 2001.

Norman Virus Control's new Sandbox technology stopped the worm even before the update, under the general diagnostic W32/P2PWorm. The Sandbox technology has represented a milestone in non-signature based detection of new, unknown viruses.

W32/Swen.A, also knows as W32/Gibe-F, W32/Gibe@MM.e and I-Worm.Swen, was first reported 18 September, and has been captured at an increasing rate since then. It is expected that the peak is still not reached.

Norman Data Defense Systems released new virus detection files detecting the worm a short time after it was first reported.

Recent viruses/worms detected by the Sandbox without special signatures include all recent variants of Yaha, Blaster, Randex and Opaserv.
The worm falsifies the email's sender address, making it look like an update from Microsoft. The email's subject, body and file attachment are quite realistic, so users may easily be tricked into opening the attachment.

However, Microsoft never distributes updates and patches by unsolicited email.

The worm attacks antivirus and other security software on infected computers, and changes Registry settings so that manual cleaning of the Registry is disabled.
Users are recommended to update their antivirus installation with the latest definition files immediately. All Norman Virus Control users with definition files from September 18 or later, and all users who have activated the Sandbox in their email scanners, are protected.

A free, stand-alone diagnostic and cleaning tool is now available from Norman's web site.

More information on W32/Swen.A and other malicious programs on www.norman.com

For further information, please contact

SAV25 Data Systems

More Press Release here
ABOUT SAV25      USER AGREEMENT   PRIVACY POLICY   CONTACT US                                                                           
SAV25 Data Systems
appropriate solutions
Copyright ©1999-2005 SAV25 DATA SYSTEMS. All Rights Reserved   
All Product names, trademarks, trade names, service marks and logos included in this site are the property of their respective companies and/or affiliate companies.
For best viewing, use Opera 8.02 or higher or Internet Explorer 6.X or Firefox 1.X at 800X600 resolution