JackClark

Advisory
This is a Medium on Watch Virus Advisory Upgrade for W32/Lovsan.worm. This virus has had its Risk Assessment Upgraded to Medium on Watch from Low.

Justification
W32/Lovsan.worm has been Upgraded to Medium on Watch due to increasing prevalence. This was detected proactively with 4283 DATs as Exploit-DcomRpc virus, scanning compressed files.

Read About It
Information about W32/Lovsan.worm is located on VIL at: http://vil.nai.com/vil/content/v_100547.htm

Detection
W32/Lovsan.worm was first discovered on 8/11/2003. Detection will be added to the 4284 DAT files (Release Date: 08/11/2003). The EXTRA.DAT will be available soon.

If you suspect you have W32/Lovsan.worm, please submit a sample to http://www.webimmune.net

Risk Assessment Definition
For further information on the Risk Assessment and AVERT Recommended Actions please see:
http://www.networkassociates.com/us/...assessment.htm

JackClark

This is the real problem, expect more fun over the next few months if we don't all patch the hole

[Edited by JackClark - 8/13/2003 12:20:46 AM]

Foot_Tapper

Cheers Jack

Suresh

I work for an organisation with around 60,000 employees and our intranet is still mostly unavailable this morning. Ditto mail servers. Luckily my browser and associated connectivity is working just fine

If it is MSBLAST causing this I sincerely hope somebody here gets toasted for not noticing what the whole world already knew a month ago.

Suresh