Bug Watch: a two Trojan Horse race

More than 450 viruses are born each month with the potential to destroy applications and operating systems. The last week alone has seen two potentially dangerous 'Trojan Horses' rear their heads.

Trojan.Netsphere.Final alters the Windows registry to ensure its presence on every start-up. Trojan.Multijoke.B performs annoying actions on the infected computer such as interchanging mouse button functions.

A new macro virus, W97M/Eight941.01, has also appeared on the scene. It is programmed to locate and modify all Microsoft Word documents on the infected machine's hard disk.

The seamless integration of email systems into word processors, spreadsheet applications and contact management systems has made it particularly easy for new viruses such as these to self-replicate and infect entire systems. So how can companies protect themselves?

An antivirus philosophy within your workforce must be encouraged and strict guidelines introduced. The golden rule for internet and email usage is simple - do not open any email attachments that have not been requested, even when they come from a reputable source.

Companies should also carefully consider the installation of a firewall. However, the single most important part of any policy remains the careful selection of an antivirus software package. Several things should be considered in this selection process:

• Does the software combine multiple scanning technologies? For example, heuristic searches (in which the software searches for a sequence of instructions that are normally found in virus code but which are unusual in benign programs) should be coupled with the string search method, the standard method of detection in which the program identifies a string of code or data which is particular to each virus. This provides adequate protection from all virus types, even when new or unknown.
• Does the software have a memory-resident program capable of detecting and disinfecting viruses before they can infect the user's machine?
• Is the software updated on a regular basis, daily for example, and are those updates distributed easily across a network?
• Finally, the antivirus software should have a proven track record when it comes to effective detection rates - there are more than 50,000 known viruses and not all antivirus software packages are on a par.

Click here to read the previous edition of Bug Watch

Next edition: 28 July