MSN.co.uk virus alert is false alarm
Print storyDON'T PANIC
Posted in Security, 31st October 2001 13:51 GMT
Free whitepaper – Vulnerability management buyer's checklist
Many subscribers of MSN.co.uk were told that the site was infected by a virus when they logged on this morning. But it was a false alarm.
Surfers using Norton Anti-Virus are told that a Trojan horse has been detected in a Vbs (Visual Basic Script) file on the site (www.msn.co.uk/webinclude/mc.vbs), which will appear in the cache of a user's browsers after visiting the site.
But the file is harmless and the alert is a false positive, according to Eric Chien, chief researcher at Symantec's Anti-Virus Research Centre.
Over-sensitivity in the automatic detection of viruses (or heuristics) included within Norton Anti-Virus is to blame. "You have to strike a balance with heuristics and sometimes you can get it wrong," he said.
The next update to Norton Anti-Virus signature definition files, which Symantec releases today, updates users' protection so they can visit MSN.co.uk without receiving a warning. ®
Related Stories
Sophos rebuffs virus-spreading charge
Virus writers are industrial terrorists - MS
Opera and Mozilla get MSN support
MSN.co.uk begins Web email migration
Symantec users risk redirection to hacker sites
The business case for application security
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Server-gated cryptography
Airport insecurity: the case of lost laptops
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive