Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Sophos Warns of New Bagle Threat

  • 18 March, 2004 19:48

Sydney, 18 March 2004</p>
<p>Sophos, a world leader in corporate anti-virus and anti-spam protection, is warning of a new twist in the Bagle virus saga. The new variant, W32/Bagle-Q, uses a different method of infection in an attempt to bypass anti-virus protection at the email gateway.</p>
<p>W32/Bagle-Q spreads via a "carrier" email which does not itself contain the virus as an attachment. When you open a "carrier" email, it attempts to exploit a vulnerability in Outlook which automatically downloads W32/Bagle-Q from the PC which sent you the "carrier" email.</p>
<p>The "carrier" email downloads and launches a Visual Basic script. This script downloads W32/Bagle-Q via an HTTP (web) request to TCP port 81 on the sender's PC. The downloaded copy of W32/Bagle-Q is placed into your system folder with the name directs.exe.</p>
<p>W32/Bagle-Q loads on your PC and terminates a wide range of security applications. It also makes multiple copies of itself into folders which are likely to be part of a file-sharing network, as well infecting programs on your PC by appending itself to existing EXE files (this is called "parasitic virus infection").</p>
<p>Sophos has published an identity to allow Sophos Anti-Virus to detect and disinfect this virus:</p>
<p>Sophos also recommends the following precautions against W32/Bagle-Q:</p>
<p>* Get and apply the latest Internet Explorer/Outlook Express patches from Microsoft. This prevents the automatic download of the virus.</p>
<p>* Disallow connections to TCP port 81 through your network firewall. Blocking outbound port 81 connections stops computers on your network from downloading the worm from outside. Blocking inbound port 81 connections means that even if you do get infected you will not pass the virus on to others.</p>
<p>Notes for Editors.</p>
<p>About Sophos.
Sophos is a world leading specialist developer of anti-virus and anti-spam software. Sophos is headquartered in the UK and protects all types of organisations, including small- to medium-sized businesses, large corporations, banks, governments and educational institutions against viruses and spam. The company is acclaimed for delivering the highest level of customer satisfaction and protection in the industry. Sophos's products, backed by 24 hour support are sold and supported in more than 150 countries.</p>
<p>Sophos's regional head office for Australia and New Zealand is in Sydney and hosts one of the company's three Computer Virus Research and Development Laboratories to provide global support services.</p>
Paul Ducklin ( is available for comment:
+61 0407 320 515 (mob)
+61 2 9409 9100 (tel)
+61 2 9409 9191 (fax)</p>
<p>Sophos's press contact at Gotley Nix Evans is:
Michael Henderson (
+61 2 9957 5555 (tel)
+61 413 054 738 (mobile)
+61 2 9957 5575 (fax)</p>

Most Popular

Brand Post

Most Popular Reviews

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Latest Articles


PCW Evaluation Team

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?