McAfee AV fails to block Klez virus

Source
silicon.com
Friday 12th July 2002 4:30pm

McAfee anti-virus software fails to block Klez virus
Sometimes...

Anti-virus firm Network Associates has been forced to issue a hot-fix for its McAfee software after it became apparent that some versions were having trouble picking up the Klez virus.

The problem occurs when the Klez worm tries to spread itself via shared files on a network. On some anti-virus software configurations, McAfee does not pick up the worm until it has been executed, meaning it is free to spread as an embedded file within networks.

David Emm, product marketing manager at McAfee, told silicon.com: "This was an issue relating to the way that McAfee scanned locked files, and we've done a hot fix to sort this out."

He advised concerned users to contact their supplier or customer support line to obtain the fix.

SecurityFocus newsgroup contributor Nate Nord, who first noticed the problem, said: "The problem is that the Klez virus distributes itself using network shares and .rar files and McAfee, even though it scans them, sees them as being completely clean. You can even tell McAfee to scan individual infected files and it will not detect the virus.

"Only if the files are opened and executed will McAfee detect it but this still leaves the transport mechanism open. The virus still has the ability to completely infect a network... eventually finding unprotected machines and leaving infected files everywhere."

Full Article
h__p://w_w.silicon.com/public/door?6004REQEVENT=&REQINT1=54540&REQSTR1=silicon.com
 