Watch for Sober Attack on Jan 6 2006

  • Article

You may have seen this advisory but I’m blogging about it due to its potential serious repercussions. “Systems that are infected with Win32/Sober.Z@mm may download and run malicious files from certain Web domains beginning on January 6, 2006 and approximately every two weeks thereafter.” Watch for spikes in network traffic Thursday or Friday. [Note: I have seen a few indications that it could happen sooner but can’t attest to their reliability. ]

Mitigating Factors:
* Customers must open a malicious e-mail attachment in order to be infected by the worm.

For more information including about removal go to:
https://www.microsoft.com/technet/security/advisory/912920.mspx

Thank you,
Stephen