By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
It also warned users of third-party anti-virus gateways that its Savi programming interface would also be affected by the flaw.
According to Phil Wood, product manager at Sophos, the problem was caused because some e-mail servers were not handling e-mail encoded in the Mime format correctly.
He said the server should stop any e-mail with errors in the Mime encoding, but that in some instances invalid messages were getting through. Such invalid Mime messages would cause the Sophos e-mail gateway software to crash. Wood said it was impossible to anticipate all types of malformed messages.
As well as crashing the Sophos gateway, the flaw may cause Sophos to fail to detect MyDoom when it is embedded in failed e-mail notifications sent from the qmail Unix mail server.
Independent security consultant Phil Cracknell said the problems with Sophos might have arisen because the MyDoom worm caught virus researchers by surprise. "Researchers cannot develop an antidote fast enough," he said. Cracknell believed that researchers had to rush out an anti-virus update before fully understanding the virus.
Affected users are advised to download the operating system-specific version of Sophos Anti-Virus.