Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Posted: 6/6/2003 10:31:50 AM EDT
Started to appear last Tuesday... there is a new variant of last year's bugbear worm. W32/Bugbear.B@MM worm spreads via e-mail and network shares. article.... [b]Bugbear PC worm spreading fast [/b] [i]Variant attacks security systems through Inernet Explorer, could cause loss of confidential data. [/i] [url]http://money.cnn.com/2003/06/05/technology/bugbear.reut/[/url] SEATTLE (Reuters) - A variant of the Bugbear worm, which spread around the Internet last October, opening back doors on computers and logging keystrokes, has started to infect users around the world, putting them at risk of losing confidential information. The Bugbear variant is better at using addresses in a user's e-mail program, sending itself to those addresses using the infected user's identity, said David Emm a marketing manager for Network Associates Inc.'s Anti-Virus Emergency Response Team. The new worm also sends mail with familiar subject lines such as "Interesting...", "Just a reminder" and "Hi!" to try and get any recipients to open e-mail containing the worm. Once activated, the Bugbear variant tries to disable security programs and starts to snoop on an infected system. "There's potential for confidential data to be lost," Emm said. Bugbear takes advantage of a known vulnerability in Microsoft Corp.'s (MFST: Research, Estimates) Internet Explorer and can be run automatically simply by reading the e-mail and not opening the attachment. It also can spread via other e-mail programs, but it will not automatically be run in the same way. Bugbear first emerged Tuesday, but has begun to pick up steam since then, computer security analysts said. Several computer security firms have developed security patches for the worm that can be downloaded to prevent infections.
Link Posted: 6/6/2003 10:44:40 AM EDT
[Last Edit: 6/6/2003 10:48:18 AM EDT by Methos]
also, there is a new new patch available = [url]http://v4.windowsupdate.microsoft.com/en/default.asp[/url]
Link Posted: 6/6/2003 10:51:14 AM EDT
Originally Posted By Methos: Bugbear takes advantage of a known vulnerability in Microsoft Corp.'s (MFST: Research, Estimates) Internet Explorer and can be run automatically simply by reading the e-mail and not opening the attachment. It also can spread via other e-mail programs, but it will not automatically be run in the same way.
View Quote
I've known about this little vulnerability for years, and MS still has not corrected it... maybe they can be held liable, financially? hehe
Top Top