Symantec Hong Kong
 global sites
products
purchase
service and support
security updates
downloads
about symantec
search
feedback


© 1995-2006 Symantec Corporation.
All rights reserved.
Legal Notices
Updated Privacy Policy
press centre

Symantec Security Response Identifies a New Variant of the Beagle Worm -- W32.Beagle.AB@mm

Hong Kong -- 16 July 2004 - Symantec Security Response has identified a new variant of the Beagle worm -- W32.Beagle.AB@mm. Symantec has upgraded this threat to a Level 3 due to increased submission rates from both corporate and consumer customers. To date, Symantec has received a total of 66 submissions - 17 from corporate customers.

W32.Beagle.AB@mm is a mass-mailing worm that opens a backdoor on TCP port 1234 and uses its own SMTP engine to spread through e-mail. The source code is embedded in the worm and may arrive in an e-mail or in an attached message. If a machine becomes infected with W32.Beagle.AB@mm, it will allow the attacker to have remote, unauthorized access to the machine. Due to the ability of the remote user to perform so many different actions on the server system -- including installation of applications -- it is highly recommended that compromised systems can be reinstalled.

The threat also creates a mass mailing of itself, which may clog mail servers and downgrade system performance.

Symantec Security Response recommends that IT administrators filter attachments not on a list of approved types at the e-mail gateway and apply the Outlook E-mail Security Update (Q262631) in order to block user access to certain attachment types. This update will also notify the user of applications attempting to access the Outlook address book.

"We've seen numerous variants of the Beagle family in the last six months; however, W32.Beagle.AB@mm appears to be spreading rapidly, outpacing the last several variants," said Oliver Friedrichs, senior manager, Symantec Security Response. "This threat is impacting both consumers and business alike, so all users should be taking steps to ensure that their systems are protected."

Symantec strongly advises users not to open e-mails from unknown sources and to keep all antivirus definitions up to date.

About Symantec
Symantec is the global leader in information security providing a broad range of software, appliances and services designed to help individuals, small and mid-sized businesses, and large enterprises secure and manage their IT infrastructure. Symantec's Norton brand of products is the worldwide leader in consumer security and problem-solving solutions. Headquartered in Cupertino, California, Symantec has operations in more than 35 countries. More information is available at http://www.symantec.com.

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec and the Symantec logo are trademarks or registered trademarks, in the United States and certain other countries, of Symantec Corporation. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.