Hello! You can find the information how fast the AV companies have reacted with a solution against Bozari.A/B, Drudgebot.B, IRCBot!Var and Zotob.A/B in an Excel sheet (18 KB ZIP file) which is available at <http://www.av-test.org>. Furthermore we have checked how many AV products havn't required an update in order to deal with these threats.
We have covered the following worms and variants: - Win32/Bozari.A (10 outbreak reports) - Win32/Bozari.B (1 outbreak report) - Win32/Drudgebot.B (3 outbreak reports) - Win32/IRCBot!Var (2 outbreak reports) - Win32/Zotob.A (4 outbreak reports) - Win32/Zotob.B (3 outbreak reports) We used the following rules for the formatting (XLS sheet): - Italic font = proactive/heuristic detection (in general: a detection without updates) - Bold font = first detection (first name) of the worm - Normal font = subsequent names used for the worm (e.g. second name, third name...) Two magazine reviews have been published which are based on this data: - PC Magazine - heuristic test results: <http://www.pcmag.com/article2/0,1895,1850847,00.asp> - PC WELT (Germany) - response times: <http://www.pcwelt.de/news/sicherheit/118264/index.html> Of course, we know that the problem related to MS05-039 is not primary an AV problem, but something for (Personal) Firewalls, IDS/IPS systems and a better patch management. :-) cheers, Andreas Marx CEO, AV-Test.org http://www.av-test.org _________________________________________________________________________ Mit der Gruppen-SMS von WEB.DE FreeMail können Sie eine SMS an alle Freunde gleichzeitig schicken: http://freemail.web.de/features/?mc=021179 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/