Virus Advisory - W32/Lovsan.worm

Reply Subscribe

Thread Tools

Search this Thread

Aug 11, 2003 | 11:00 PM

JackClark

Thread Starter

Scooby Senior

Joined: Dec 2000

Posts: 20,896

Likes: 53

From: Overdosed on LCD

Advisory
This is a Medium on Watch Virus Advisory Upgrade for W32/Lovsan.worm. This virus has had its Risk Assessment Upgraded to Medium on Watch from Low.

Justification
W32/Lovsan.worm has been Upgraded to Medium on Watch due to increasing prevalence. This was detected proactively with 4283 DATs as Exploit-DcomRpc virus, scanning compressed files.

Read About It
Information about W32/Lovsan.worm is located on VIL at: http://vil.nai.com/vil/content/v_100547.htm

Detection
W32/Lovsan.worm was first discovered on 8/11/2003. Detection will be added to the 4284 DAT files (Release Date: 08/11/2003). The EXTRA.DAT will be available soon.

If you suspect you have W32/Lovsan.worm, please submit a sample to http://www.webimmune.net

Risk Assessment Definition
For further information on the Risk Assessment and AVERT Recommended Actions please see:
http://www.networkassociates.com/us/...assessment.htm

Aug 13, 2003 | 12:17 AM

JackClark

Thread Starter

Scooby Senior

Joined: Dec 2000

Posts: 20,896

Likes: 53

From: Overdosed on LCD

This is the real problem, expect more fun over the next few months if we don't all patch the hole

[Edited by JackClark - 8/13/2003 12:20:46 AM]

Aug 13, 2003 | 08:06 AM

Foot_Tapper

Scooby Regular

Joined: Aug 2002

Posts: 1,977

Likes: 0

Cheers Jack

Aug 13, 2003 | 08:33 AM

Suresh

Scooby Regular

Joined: Jan 2000

Posts: 4,625

Likes: 4

I work for an organisation with around 60,000 employees and our intranet is still mostly unavailable this morning. Ditto mail servers. Luckily my browser and associated connectivity is working just fine

If it is MSBLAST causing this I sincerely hope somebody here gets toasted for not noticing what the whole world already knew a month ago.