McAfee emergency DAT release for file infector

McAfee is aware of a particularly malicious file infector that blue-screens endpoints and is difficult to detect. While this malware seems to be a targeted attack, McAfee strongly recommends that all customers increase their protection by applying the Emergency DAT Release which includes a generic detection for the dropper which starts the infection.

McAfee has provided an extra.DAT and Stinger ZIP files for W32/DistTrack for detection and removal. See McAfee KnowledgeBase article KB75963 (https://kc.mcafee.com/corporate/index?page=content&id=KB75963).

McAfee Global Threat Intelligence (GTI) will detect the known W32/DistTrack droppers when set to ‘Medium’. See “How to enable Global Threat Intelligence Technology in your McAfee product (KB70130)” (https://kc.mcafee.com/corporate/index?page=content&id=KB70130).

NOTE: The following McAfee products currently employ McAfee DAT files:

AntiSpyware Enterprise
Anti-Virus Scanning Engine
Email and Web Security Appliance Software
GroupShield for Exchange
LinuxShield
PortalShield
SaaS Endpoint Protection
Security for Lotus Domino
Security for Mac
Security Service for Exchange
Security for SharePoint
SuperDAT Manager
VirusScan Command Line Scanner
VirusScan Enterprise
VirusScan Enterprise for Linux
VirusScan Enterprise for Offline Virtual Images
VirusScan Enterprise for SAP
VirusScan for Mac
VirusScan for UNIX