Yet another variation of Netsky - the McAfee update for this is not due until tomorrow so beware of attachments that don't yet get flagged as a virus.

Advisory
This is a Medium Threat Advisory for W32/Netsky.q@MM worm.

Justification
W32/Netsky.q@MM has been deemed Medium due to prevalence

Read About It
Information about W32/Netsky.q@MM is located on VIL at: http://vil.nai.com/vil/content/v_101145.htm

Detection
W32/Netsky.q@MM was first discovered on March 28, 2004 and detection will be added to the 4345 dat files (Release Date: March 31, 2004). The EXTRA.DAT is available from the Virus Information Library (VIL) website.

Perhaps thats why I use Command from Authentium, my AV auto updated yesterday morning for this and several other nasties.

29/03/2004 10.15 am
Agobot.KR
Sober.E@mm (Sober.E@mm)

BAT/Gonzer.A

VBS/Petch.A

W32/Agobot.KO
W32/Agobot.KP
W32/Agobot.KS
W32/Agobot.KT
W32/Bagle.V@mm (W32/Bagle.V@mm)
W32/Bancos.A
W32/Bancos.B
W32/Cook5.A@bd (W32/Cook5.A@bd)
W32/Daemonize.A@troj (W32/Daemonize.A@troj)
W32/Domlove.A
W32/Heher.B
W32/Heher.C
W32/Litmus.A
W32/Litmus.A@dr (W32/Litmus.A@dr)
W32/Netsky.Q@mm (W32/Netsky.Q@mm)
W32/OptixPro.I

pc-cillin also updated yesterday and gave out a broadcast alert for it as well. 'new virus found in the wild, netsky.q would you like to check for updates' updates found now downloading and installing, done
All within a click and could be completly automated if required.

K

Yet another variation of Netsky - the McAfee update for this is not due until tomorrow so beware of attachments that don't yet get flagged as a virus.
It's just too late to wait till tommorrow for an A/V update. You need to be able to rely on your A/V. It only takes one file, and you've got a mess.

Sloppy A/V protection, poor patching, et all, can easily allow a virus first rated as low risk to swiftly become high risk. just look at how quick some of the original Netsky, Bagle and similar viruses spread, but the risk would initially have been low to start with?

It's just too late to wait till tommorrow for an A/V update. You need to be able to rely on your A/V. It only takes one file, and you've got a mess.

Yes, what is it with Mcafee that they can't update more quickly. One of the biggest av firms and yet they move at a snails pace, it's not like they have a manpower shortage :rolleyes:

Yes, what is it with Mcafee that they can't update more quickly. One of the biggest av firms and yet they move at a snails pace, it's not like they have a manpower shortage :rolleyes:

Actually I'm beginning to think that this was a typo in the notification because they released 4345 in the early hours of this morning (March 30th).

Thats odd, we got 4345 about 14:30 yesterday (Mon 29th)