|
Posted by What's in a Name? on September 20, 2005, 1:59 am
If you were Registered and logged in, you could reply and use other advanced thread options
> McAfee had detected them under Heuristics as "New Poly Win32" but
> with v4585 the new variants are now called; "W32/Bagle.ci",
> "W32/Bagle.cj" and "W32/Bagle.cl" { I couldn't find information on
> "W32/Bagle.ck" variant but based upon mcAfe's naming convention,
> they wouldn't name the W32/Bagle.cl variant without first having a
> W32/Bagle.ck variant }
>
> I don't know if Stinger will be updated but no Bagle variants have
> been added to Stinger since 5/02/2005 when; W32/Bagle.bo -
> W32/Bagle.bt were added. That leaves; W32/Bagle.bt - W32/Bagle.cl
> needing to be added.
>
>
> -------
> The 4585 dat files have been released due to the mutliple variants
> of Bagle that have been spammed out today.
>
> The various 4585 dat file packages can be found at
> http://www.mcafeesecurity.com/us/downloads/default.asp.
>
> IS YOUR ENGINE UP-TO-DATE? - Anti-virus is only as good as its
> last update!
>
> Current Engine Information by platform:
> - Microsoft: 4400
> - Netware: 4400
> - UNIX: 4400
> - Macintosh OS X: 4400
>
> Engine Security Tips from AVERT and the McAfee Security Engine
> Development Team
> - Updating your DAT files regularly is essential and a MUST!
> - Updating your scan engine is just as important and a MUST
> - An old Engine WON'T catch some of today's threats
> - Sometimes architectural changes to the way DAT files and
> scan - engine work together make it critical for you to
> update your scan engine
> - AVERT says it makes sense to have as part of your Security
> Policy - Program an Engine Update process to take advantage
> of the latest
> technology and stay protected!
>
> The Problem
> Between 250 and 400 new detections are added to the DATs monthly
> by AVERT. If you're not up-to-date, you are vulnerable to any one
> of them that gets a foothold in the field (a.k.a. 'in the wild').
> McAfee AVERT releases regular DAT files, ensuring that full
> protection is added to all McAfee products.
>
> The DAT files contain the information required to detect and
> remove threats - what to look for and where to look for it.
> However, today's threats are evolving almost on a daily basis.
> Software providers continue to have operating systems and
> applications changes that can change the way a program acts or
> works and a virus-scanning program may not understand the changes.
>
> The Solution
> Taking this into account McAfee Security regularly updates its
> scan engine used by ALL McAfee Security virus detection and
> removal products. The engine understands all the different
> structures in which a virus could lurk - EXE files, MS Office
> files, Linux files, etc. Occasionally these changes require us to
> make significant architectural changes to the engine as well as
> the DAT files. AVERT strongly recommends users of ALL McAfee
> Security virus scanning products update the scan engines in the
> products they have deployed as part of a sound Security best
> practices program.
>
> Here's how to check your engine version. Right-click on the
> McAfee shield in the system tray, select 'About' and look at the
> 'Scan engine' version number. If you need to update, you should
> update your scan engine immediately.
>
> McAfee Security Engine End-Of-Life (EOL) Program
> Because of the evolving malicious code threat, users should update
> their engines as soon as possible upon the release of McAfee
> Security's latest scanning technology. When a new engine is
> released the existing engine will begin its countdown to its EOL,
> and will therefore no longer be supported by McAfee Security.
> Information on the McAfee Security Engine End of Life policy and a
> full list of supported scan engines and products can be found at:
> http://www.mcafeesecurity.com/us/products/mcafee/end_of_life.htm
>
> Best Regards,
>
> McAfee AVERT - Anti Virus and Vulnerability Research, Analysis,
> and Solutions visit us at www.avertlabs.com
>
>
Hey David-seems that Bagle.ck is the one that virusguy was talking
about the other day(price.zip)
http://vil.mcafeesecurity.com/vil/content/v_136039.htm
-max
--
Playing Nice on Usenet:
http://oakroadsystems.com/genl/unice.htm#xpost
My Pages: http://home.neo.rr.com/manna4u/
http://home.neo.rr.com/manna4u/keepingclean.html
http://home.neo.rr.com/manna4u/virusprevention.html
http://home.neo.rr.com/manna4u/tools.html
Change nomail.afraid.org to yahoo.com to reply.
Registered Linux User #393236
| 
XML site map