As of 21:05 CEST, new antivirus patterns are available to detect the w32.nimda.a@mm worm. Please run a System and Pattern Up2Date to include protection against this worm in the ASL SMTP proxy.

Since the worm is also able to spread via HTTP requests sent by IE 5.0 / 5.01 browers, we recommed to disable Javascript either in the HTTP proxy settings or in the web browsers used in your organisation. Alternatively, you can also put these lines in the ACL section of /var/chroot-squid/etc/squid.conf-default: 


# .filter eml-files
acl worm urlpath_regex -i .eml$
http_access deny worm

and then stop and restart the HTTP proxy in WebAdmin.


You Can Learn More About the Astaro Internet Security Product Line By Going to www.FirewallShop.com/Astaro.

The original article/video can be found at w32.nimda.a@mm

Leave a Reply

Your email address will not be published. Required fields are marked *