Loading ...
Sorry, an error occurred while loading the content.

Re: bagle alert

Expand Messages
  • H. Phil Duby
    I have not seen a sample of the latest bagle incarnation yet, but the HTMLmodify plugin for SpamPal has blocked several virus emails before the virus checker
    Message 1 of 2 , Mar 20, 2004
    • 0 Attachment
      I have not seen a sample of the latest bagle incarnation yet, but the
      HTMLmodify plugin for SpamPal has blocked several virus emails before the
      virus checker got updated. SpamPal is another spam filtering tool like
      mailwasher. HTMLModify is an addon that looks for dangerous HTML usage /
      exploits, and 'breaks' them, so that the email program will not execute
      them. SpamPal and the plugins are free. See http://www.spampal.org/ for
      details.

      --
      Phil
      ----- Original Message -----
      From: Judith Rempel
      To: AFHS Dist-Gen ; MHSA List
      Cc: Al Mierau
      Sent: Friday, March 19, 2004 8:49 AM
      Subject: FW: bagle alert


      This will be of intrest/concern to many.

      I'm willing to be corrected, but I believe that using a webmail or
      mailwasher tool that allows one to review/delete e-mail BEFORE it is
      migrated to one's computer is a way to dodge this particular virus threat.
      If correction is needed, please reply to ALL.

      Al is a search engine-positioning consultant as well as a Mennonite family
      historian living in Saskatoon.

      In Kinship,
      Judith Rempel
      judith@...

      -----Original Message-----
      From: Al Mierau [mailto:almierau@...]
      Sent: Friday, March 19, 2004 6:48 AM
      To: almierau@...
      Subject: bagle alert


      From Al Mierau's desk.
      March 19, 2004


      Hackers unleash virus with a 'twist'



      B Y J E F F LE E
      CanWest News Service (The Vancouver Sun)



      VA N C O U V E R
      . Five new variants of an e-mail virus break new ground in that recipients
      are no longer required to open attachments to infect their computers. The
      new variants of the Bagle virus - which was discovered in January - exploit
      flaws in Microsoft's Internet Explorer, Outlook and Media Player programs to
      run a small hyper text language message that downloads the virus directly
      into the target computer. Although Microsoft issued a patch last October to
      fix the flaws, it may not be enough to prevent new variants of the Bagle
      virus from infecting users' computers, according to a Korean antivirus
      company.
      Eric Kwon, chief executive officer of Global Hauri, which identified three
      of the variants shortly after they were released overnight yesterday, said
      the virus is still triggered if users try to save the message on computers
      that have been patched with the Microsoft fix
      "We found that even a patched computer is still vulnerable if someone tries
      to save the message," Mr. Kwon said.
      Antivirus companies around the world began reporting the new variants,
      called Bagle-P, Q, R, S and T, overnight as users began to open messages
      that did not contain attachments. Computers in Korea and Australia were
      first hit early yesterday, with thousands of machines being infected as
      people went to work. Users in Britain later began to experience computer
      problems. The impact was expected to widen across time zones.
      In the past, viruses could be spread only by users opening email
      attachments, which would then trigger self-propagating "worm" programs
      embedded in the attachments. But the new variants carry a web-based URL or
      hyper text message in the body of the e-mail that triggers the computer to
      download a copy of the worm from infected computers.
      It turns off some security and antivirus programs and disables firewalls,
      according to Chris Belthoff, senior security analyst with Sophos, an
      antivirus company with offices in Vancouver.
      "This is a pretty serious new twist," he said from Sophos's antivirus lab in
      Boston.


      http://www.afhs.ab.ca
    Your message has been successfully submitted and would be delivered to recipients shortly.