Menu
Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

BAGEL.B EXPLOITS WEAKEST LINK

  • 18 February, 2004 20:02

<p>PRESS RELEASE: For further information contact Scott Hagenus at GFI on 08 8273 3000 or Terry Quinn WordsPLUS 02 9460 0145; 0439 710 418 - or visit www.gfi.com</p>
<p>News Editors/Feature Editors/Software Reviewers please note: GFI is a highly reputable European based global company with an extensive range of security products AND OPINIONS which are sometimes at odds with US-centric AV vendors. Asia Pacific Managing Director Richard Rundle and senior technical executives such as Scott Hagenus (below) welcome the opportunity to express their often contrary views on messaging/virus/trojan security matters. Please contact them at the above numbers.</p>
<p>GFi Asia Pacific's own installation of GFi MailSecurity picked up the Bagle.B worm at 5:42 am February 17 US Pacific Time ( 12 minutes past midnight on February 18 Australian CST) – well before most major antivirus vendors were alerting or issuing updates of their signatures. - SCOTT HAGENUS GFI Asia Pacific Regional Manager.</p>
<p>GFI MailSecurity beats virus protection’s "Weakest Link"</p>
<p>SYDNEY: Thursday February 19, 2004: GFI, a leading global messaging security specialist with several thousand corporate and government clients in the Australia/Asia Pacific region, believes writers of such virus’ as Mydoom and Bagle are deliberately exploiting the "weakest link" in antivirus protection – the time delay between each new virus identification and the issuing of an alert and/or updating their signatures.</p>
<p>"This delay can vary between minutes to hours and often means the difference between infection and successful network defence," Scott Hagenus Regional Account Manager, GFI Asia Pacific said today.</p>
<p>BACKGROUND: Antivirus software companies this week issued warnings of the new Bagle.B virus which spreads using email messages and installs a Trojan horse program on machines it infects. The Trojan opens a "back door" which allows remote attackers undetected return access to control or manipulate files on the infected system at any time in the future. Such infected computers can be used, for example, to send bulk emails without the network owner’s knowledge or permission. Other access abilities may be even more sinister. The virus, is a new version of a similar e-mail worm that appeared in January and is programmed to spread until Feb. 25, 2004. Like its predecessor, Bagle.B arrives in e-mail messages with randomly generated subject lines. The virus is stored in an e-mail file attachment, also with a randomly generated name.</p>
<p>"Our own installation of GFi MailSecurity was picking up and quarantining the Bagle.B from 12 minutes past Midnight on Feb 18 (5:42am, 17th February US Pacific time), well before most major AV vendors were alerting or issuing updates of their signatures," Mr. Hagenus said.</p>
<p>"There is an additional time lag until end users and network managers receive and act on the alert," he said.</p>
<p>"Remember virus writers EXPECT their handy work to be caught – but they rely on the weakest link in antivirus protection which is the time delay, for their creations to do their dirty work."</p>
<p>"GFI has long recognised this Achilles Heel in virus protection – which is why we built MailSecurity to work the way it does," Mr. Hagenus said.</p>
<p>"Nothing and no one can claim they can protect networks 100% - however with MailSecurity administrators will know they are protected against the weakest link in the antivirus chain – time delay."</p>
<p>GFI MailSecurity provides email content checking, exploit detection and anti-virus for Exchange &amp; SMTP servers. Spam, viruses, dangerous attachments and offensive content are removed automatically on arrival. Key features include: Multiple virus engines; Email content &amp; attachment checking; Exploit shield - email intrusion detection &amp; defence; Email threats engine - analyses &amp; defuses HTML scripts, .exe files, Trojan engine &amp; more.</p>
<p>MailSecurity does not have to rely solely on Antivirus definitions updating.</p>
<p>GFI welcomes reviews and product testing. Please contact Terry Quinn at WordsPLUS on 02 9460 0145 or 0439 710 418 for arrangements.</p>
<p>For more information visit www.gfi.com</p>

Most Popular

Market Place