ITsafe Bulletin 2005/006

May 31st, 2005

ITsafe Bulletin 2005/05

What is it?
A significant number of reports are being received of a new mass-mailing
Trojan-type worm, that seems to be a variant of the "Bagle" family. It is
being referred to by a number of different names, including "Bagle.AR", "Bagle.BO", "Bagle-Q" or "Troj.Tooso.B".

What does it affect?
Most computers that use Microsoft Windows

What does it do?
The worms will arrive by email, and will :

* Try to turn off anti-virus applications
* Try to delete files from the computer
* Download additional code from the internet

How do I protect myself?
As always, exercise care when opening attachments to email messages, as detailed at

How do I fix it?
Keep your Anti Virus Software Anti Virus Software updated with the latest
signatures from your supplier. If you suspect that you have been
infected, your supplier's website should contain instructions as to how you can disinfect your computer.

1. ITsafe Bulletins are issued by e-mail when significant risks have been
identified that are likely to affect the majority of ITsafe users.
2. As our advice is that you should not click on URLs ("links") in any
e-mail, we actually recommend you follow good practice, and type in the website name yourself in the box at the top of your browser window to see our detailed advice, rather than clicking on any links.
3. This Bulletin is based in part on information supplied to ITsafe by
Outpost 24

ITsafe Team
Making IT safe for You
The UK Alerting and Advisory Service for Information and Communications Technologies (ICT) Security

Make sure that your AV software is up-to-date and take care when opening email attachments.

This entry was posted on Tuesday, May 31st, 2005 at 17:49 and is filed under In the News, Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.