Zero-Day Protection against BlackWorm (aka Kama Sutra Worm) offered by WatchGuard Technologies

WatchGuard Offers Zero-Day Protection Against Kama Sutra Worm

WatchGuard Technologies Inc. announced that users of its Unified Threat Management (UTM) solutions have real Zero Day protection from ‘Blackworm’, which has been filling unprotected inboxes with a potentially destructive payload, scheduled to activate today February 3rd and would be appearing on the third day of every month. This true Zero Day protection sets WatchGuard apart among network security vendors.

WatchGuard’s Firebox X Core and X Peak UTM appliances bring to an end this threat by default, without the need for a signature update. However, the company has reminded users never to open unexpected attachments from any source.

Blackworm which is popularly known as the Kama Sutra email worm threatens to corrupt files on victims’ hard drives on the third day of every month. Once the payload activates, the worm overwrites the data found in all DOC, XLS, MDB, PPT, PPS, ZIP, RAR, PDF and DMP files. Most email messages carrying Kama Sutra share a similar theme in that they almost always offer pornographic content.

WatchGuard’s Intelligent Layered Security in Firebox X UTM appliances protects against this threat through SMTP proxies, which strip Kama Sutra’s MIME types by default. Users not protected by a WatchGuard Firebox X UTM should check with their anti-virus vendors to see if the signature that detects Kama Sutra is in their latest update.

WatchGuard vice president of marketing, John Stuckey said, “WatchGuard’s continuing ability to provide true Zero Day protection against new emerging threats such as the Kama Sutra worm without the need for any updates or patches assures our customers they have the strongest security in place.”

Stuckey added, “WatchGuard’s award-winning UTM appliances eliminate the window of vulnerability that exists in the time before signature updates can be deployed. The difference between WatchGuard’s true Zero Day protection and waiting for a signature update with other solutions could be the difference between a functioning network and a crippling attack.”