Re: Microsoft to Blame for 'Love Bug'?

[Aj Effin ReznoR <aj () REZNOR COM>]

-----BEGIN PGP SIGNED MESSAGE-----

> Forwarded by: JJ Gray <nexus () patrol i-way co uk>
>
> Hi folks,
>     To my mind, it makes no odds wether it is a .vbs script, an
> .exe, a word macro or whatever - chances are I'll find someone to
> run it for me, as was proved recently by whoever wrote the iloveyou
> worm.
> How long will it take for people to think for a second before
> blindly double-clicking on an attachment ?
>
> Regards,
>             JJ


You don't need to find someone to run it.

From:
http://www.thestandard.com/article/article_print/1,1153,15019,00.html


"Meanwhile, the new "Kak" e-mail virus has emerged, able to spread
even if a recipient doesn't open its attachment. Kak affects users of
Internet Explorer 5.0 and Office 2000, and it works with Outlook and
other e-mail programs that recognize HTML. It doesn't damage files
like the Love Bug virus does, but a destructive version of it is
almost certainly coming to a computer near you."

It's getting easier every day for virus script authors to do more
damage.  Sample skeleton code from other rapidly spreading virii
(note that ILOVEYOU also spreads through mIRC as well as Outlook.
mIRC virii aren't new, but little spoken of) and add in a new twist.
- - - From renaming and chaning attributs on files, to future
potentials.
Erasing spreadsheets and documents.  Erasing Outlook's own .pst
files.  What about a virus that cross posted Word and Excel files (a
good place to guess where corporate data might reside) to major
USENET groups?

All sorts of nifty stuff can come out this, that which Microsloth has
wrought.  The sky IS the limit.   It's a matter of someone brave/dumb
enough to code up and release a new variant of something more deviant
than before.

I only touched it once before deinstalling it, but I beleive it was
Outlook Express (or Outlook 98?) where it had an option, I beleive
(suprise) enabled by default, where all incoming mail would have all
recipients automagically copied into your addressbook.  Great.  Makes
Melissa and ILOVEYOU style virii propegate all the further.

Don't blame it on the users.  Security is a changing and to some
degree, a still developing field.  How can we possibly expect anyone
on an MS platform (think of the high number of consumers using it) to
become as educated as they should be?  People use MS platforms, among
other market driven reasons, because they don't have to *learn* in
order to *use*.  When was the last time you bought a power drill and
actually *read* the directions?

Rome's burning, folx.  Pardon me while I break out my Penguin
embossed fiddle....

- -aj effin reznor
www.reznor.com


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2fc7

iQEVAwUBORxTER2R0J6zGkAjAQHsFAf/eSD0UGNNw6NtN3+oODEzvzM1/yqNGxU0
DJLNZCpmDFBqsAzR8LyxxCb2qhZ5VxIobl0aaSZKpI/hnZ8S6I8YlbHR/GV2V5qg
p8lpjQiPHzmz5q9VMGt4FHz6wK+LzY9iK9sEeMSg3t0ku0lm/jmIQROx8eqAWOPI
5f3pvmT9TuDWsLN1bEjRTLR/0cHXq8WAU8I5amkC6EOWeuMqQBFhbTRQL5UvSu4R
lcGpetuSYvS9ntqCDWjxAEEODzin9KptNbh5YBQPHXYPTcHyM+Q8dnmEIFUCmbNv
ATQs72vBQqpyhEGT5MSIaFZ2kHJ7eo9WTKOvP+AKWpRH0ExgnY1xQw==
=X/xz
-----END PGP SIGNATURE-----

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".