:: NORMAN :: Antivirus | Firewall

This worm may enter a computer in several ways - it will either be received as an email with an attachment, over open shared drives in networks, and it seems that it will also attempt to break into machines running the web server software IIS (Internet Information Server), utilizing various security holes well known . All IIS web server admins are encouraged to patch up their web server to protect themselves. An accumulative patch for IIS servers is available from: http://www.microsoft.com/technet/security/bulletin/MS01-044.asp

When the infected file is run, it will copy itself to the system directory as a hidden file called LOAD.EXE. This file is called from the file SYSTEM.INI so that it is run from startup.

Norman researchers are continuing to examine the worm and will be posting a more detailed description of the worm on the Norman web site once the analysis is complete.

Norman Virus Control with definitions files from September 18th or later detects this worm. Users are encouraged to update their Norman Virus Control protection to the most recent version.

More information on www.norman.com

For further information, please contact

Norman ASA, VP Marketing Bjørn A. Windfeldt, tel.+47 67 10 97 76, mob. +47 41 53 97 76

Security Information

>>	The Internet Crime Complaint Center's report for 2007
>>	2007

Security News and Advisories

>>	Three critical updates for Microsoft systems in June 2008
>>	Three critical updates for Microsoft systems in May 2008

Norman is one of the world’s leading companies within the field of data security. With products for antivirus (virus control), personal firewall, antispam and antiadware, the company plays an important role in the data industry.