ITSD Computing and Communications Services News
August, 2003
  Monthly Virus Update: Lab Virus Wall Gets a Big Workout with Sobig Worm

The past two weeks have been a busy time for the Lab’s Virus Wall, which screens incoming and outgoing messages for viruses and eliminates them before passing the message along. On just one day this week, Tuesday, Aug. 19, more than 30,000 copies of Sobig.F were screened out – which is almost 10 times the total for the entire month of July. In all of July, only 976 instances of Sobig.E were detected here, which was a decline from the previous month.

The staggering increase demonstrates just how quickly a worm or virus can spread these days – and the importance of keeping your anti-virus software up to date. A previous article describes how Mac and PC users can automatically update their systems daily.

In July, the Lab Virus Wall dealt with a total of 3,321 messages containing attachments that, if delivered to recipients and opened, would have caused an infection. The Klez.H worm once again prevailed with 1,359 instances, down slightly from last month. The Sobig.E worm came in second with 976 instances. The Bugbear-B-O worm placed a distant third with 364 instances. None of these worms are strangers to the Lab--they also were the three most prevalent worms in June.

A new non-mail-borne worm recently stole the show, however. The Blaster worm (also known as Lovsan, WORM_MSBLAST.A, and other names) is a Windows worm that capitalizes on a vulnerability in Microsoft’s remote procedure call (RPC) interface to download itself into Windows NT, 2000, XP and Server 2003 systems. Once it has infected a system, Blaster makes several changes and then begins attacking other systems. The LBNL Virus Wall cannot stop worms such as the Blaster worm because they use the network, not email, to spread. You need to protect your system by installing a Microsoft patch available at http://www.lbl.gov/ITSD/Security and keeping your system's Norton AntiVirus software up to date. If your system becomes infected, you should download and run a Blaster removal tool from http://www.lbl.gov/ITSD/Security.