FW: bagle alert
- This will be of intrest/concern to many.I'm willing to be corrected, but I believe that using a webmail or mailwasher tool that allows one to review/delete e-mail BEFORE it is migrated to one's computer is a way to dodge this particular virus threat. If correction is needed, please reply to ALL.Al is a search engine-positioning consultant as well as a Mennonite family historian living in Saskatoon.In Kinship,
From: Al Mierau [mailto:almierau@...]
Sent: Friday, March 19, 2004 6:48 AM
Subject: bagle alertFrom Al Mierau's desk.March 19, 2004Hackers unleash virus with a twistB Y J E F F LE E
CanWest News Service (The Vancouver Sun)VA N C O U V E R
Five new variants of an e-mail virus break new ground in that recipients are no longer required to open attachments to infect their computers. The new variants of the Bagle virus which was discovered in January exploit flaws in Microsofts Internet Explorer, Outlook and Media Player programs to run a small hyper text language message that downloads the virus directly into the target computer. Although Microsoft issued a patch last October to fix the flaws, it may not be enough to prevent new variants of the Bagle virus from infecting users computers, according to a Korean antivirus company.
Eric Kwon, chief executive officer of Global Hauri, which identified three of the variants shortly after they were released overnight yesterday, said the virus is still triggered if users try to save the message on computers that have been patched with the Microsoft fix.
We found that even a patched computer is still vulnerable if someone tries to save the message, Mr. Kwon said.
Antivirus companies around the world began reporting the new variants, called Bagle-P, Q, R, S and T, overnight as users began to open messages that did not contain attachments. Computers in Korea and Australia were first hit early yesterday, with thousands of machines being infected as people went to work. Users in Britain later began to experience computer problems. The impact was expected to widen across time zones.
In the past, viruses could be spread only by users opening email attachments, which would then trigger self-propagating worm programs embedded in the attachments. But the new variants carry a web-based URL or hyper text message in the body of the e-mail that triggers the computer to download a copy of the worm from infected computers.
It turns off some security and antivirus programs and disables firewalls, according to Chris Belthoff, senior security analyst with Sophos, an antivirus company with offices in Vancouver.
This is a pretty serious new twist, he said from Sophoss antivirus lab in Boston.