Information Security News mailing list archives
Re: Microsoft to Blame for 'Love Bug'?
From: Aj Effin ReznoR <aj () REZNOR COM>
Date: Fri, 12 May 2000 11:53:09 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Forwarded by: JJ Gray <nexus () patrol i-way co uk> Hi folks, To my mind, it makes no odds wether it is a .vbs script, an .exe, a word macro or whatever - chances are I'll find someone to run it for me, as was proved recently by whoever wrote the iloveyou worm. How long will it take for people to think for a second before blindly double-clicking on an attachment ? Regards, JJ
You don't need to find someone to run it. From: http://www.thestandard.com/article/article_print/1,1153,15019,00.html "Meanwhile, the new "Kak" e-mail virus has emerged, able to spread even if a recipient doesn't open its attachment. Kak affects users of Internet Explorer 5.0 and Office 2000, and it works with Outlook and other e-mail programs that recognize HTML. It doesn't damage files like the Love Bug virus does, but a destructive version of it is almost certainly coming to a computer near you." It's getting easier every day for virus script authors to do more damage. Sample skeleton code from other rapidly spreading virii (note that ILOVEYOU also spreads through mIRC as well as Outlook. mIRC virii aren't new, but little spoken of) and add in a new twist. - - - From renaming and chaning attributs on files, to future potentials. Erasing spreadsheets and documents. Erasing Outlook's own .pst files. What about a virus that cross posted Word and Excel files (a good place to guess where corporate data might reside) to major USENET groups? All sorts of nifty stuff can come out this, that which Microsloth has wrought. The sky IS the limit. It's a matter of someone brave/dumb enough to code up and release a new variant of something more deviant than before. I only touched it once before deinstalling it, but I beleive it was Outlook Express (or Outlook 98?) where it had an option, I beleive (suprise) enabled by default, where all incoming mail would have all recipients automagically copied into your addressbook. Great. Makes Melissa and ILOVEYOU style virii propegate all the further. Don't blame it on the users. Security is a changing and to some degree, a still developing field. How can we possibly expect anyone on an MS platform (think of the high number of consumers using it) to become as educated as they should be? People use MS platforms, among other market driven reasons, because they don't have to *learn* in order to *use*. When was the last time you bought a power drill and actually *read* the directions? Rome's burning, folx. Pardon me while I break out my Penguin embossed fiddle.... - -aj effin reznor www.reznor.com -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.2fc7 iQEVAwUBORxTER2R0J6zGkAjAQHsFAf/eSD0UGNNw6NtN3+oODEzvzM1/yqNGxU0 DJLNZCpmDFBqsAzR8LyxxCb2qhZ5VxIobl0aaSZKpI/hnZ8S6I8YlbHR/GV2V5qg p8lpjQiPHzmz5q9VMGt4FHz6wK+LzY9iK9sEeMSg3t0ku0lm/jmIQROx8eqAWOPI 5f3pvmT9TuDWsLN1bEjRTLR/0cHXq8WAU8I5amkC6EOWeuMqQBFhbTRQL5UvSu4R lcGpetuSYvS9ntqCDWjxAEEODzin9KptNbh5YBQPHXYPTcHyM+Q8dnmEIFUCmbNv ATQs72vBQqpyhEGT5MSIaFZ2kHJ7eo9WTKOvP+AKWpRH0ExgnY1xQw== =X/xz -----END PGP SIGNATURE----- ISN is sponsored by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Microsoft to Blame for 'Love Bug'? William Knowles (May 12)
- <Possible follow-ups>
- Re: Microsoft to Blame for 'Love Bug'? William Knowles (May 12)
- Re: Microsoft to Blame for 'Love Bug'? Felix von Leitner (May 12)
- Re: Microsoft to Blame for 'Love Bug'? Aj Effin ReznoR (May 12)
- Re: Microsoft to Blame for 'Love Bug'? The Dodger (May 12)
- Re: Microsoft to Blame for 'Love Bug'? Barry H Gill (May 12)
- Re: Microsoft to Blame for 'Love Bug'? Bronc Buster (May 12)
- Re: Microsoft to Blame for 'Love Bug'? Erik Moeller (May 12)
- Re: Microsoft to Blame for 'Love Bug'? Barry H Gill (May 12)
- Re: Microsoft to Blame for 'Love Bug'? Chico (May 12)