...working in a Windows shop, one of a dozen-and-a-half sites comprising a small multinational.
We've had a virus outbreak that's actually spreading via unpatched Symantec AV 10 (I can't believe it). I can't find much good info on it, though we got the patch and are deploying it (in fits). Our shop is still running an older version of SAV, so our computers haven't been hit like some other sites. What I know is the offending file is one ctfcoms.exe and Google isn't giving me much. And I'm not sure how much the network guys know either. The word I get is 3-4 computers (maybe less) on a LAN and it's toast (maxed-out bandwidth). I get the impression it touches a vulnerable port and you're infected. It's not too inclined to infect VPN users though. Anybody else seeing this one out there?
Our site's quiet for now, but we do have some SAV 10 users, mostly VPN. I've been making the rounds and turning up other stuff, like spyware (some rampant) and infected production tools, which run Windows sans AV because they are dedicated and not used as PCs ordinarily are.
So what's everyone using out there in this combined threat environment to handle spyware and viruses?
SAV anyone? Not me...