Slashdot Mirror
Virus Piggybacks Microsoft Mail Worm
metacell writes "A virus (a version of the Chernobyl virus) infects an email worm executable (the Klez worm), and is spread along with it. "
It's a damn good *delete* thing that Microsoft has been *delete* spending the last few weeks
doing a *delete* security audit *delete* of all of *delete* ah never mind. My wrist hurts
from deleting over a meg of mail worm viruses a day.
Because, there hasn't been an Outlook patch kicking around for some time now. And because no open-source software has bugs. Ever.
So, in short, there's two lines of Microsoft bashing there, accompanying a really dull story about a virus that no AV software has any trouble detecting?
Must be the slow season I guess.
Score:-1, Funny
no mather how good a patch is, some people will always remain unpatched/unupgraded. And some of those people also gets viruses and everybody gets irritated by that, I mean, everytime I check at someone's else's PC it ain't patched.
If at first you don't succeed, then sky diving definitely isn't for you.
I use outlook
I have done for many years
I like the interface, its easy to use, and I'm used to it
However, in the past few months I have been recieving more and more viruses and it has seriously made me reconsider my position... Last week alone my virus scanner blocked atleast 50 virus infected emails
I never open attachments, I have the preview pane turned off, I have outlook set to use the restricted zone for emails, I have norton scanning every email I get - but just yesturday I got an email informing me that I'd sent an infected mail out...
I will almost certainly be moving away from outlook within the next week just to get away from it all
The BEST virus spreader evern invented... The sad thing is, it doesn't MATTER IF MS fixes it, there are so many millions of the "take me in the ass, script kiddie" versions of Outlook and/or IIS running on 2000/NT and 9x workstations owned by users with no clue as to how to patch their systems that this will be a problem for YEARS...
I'm telling you, software makers NEED liability. It's the only way we will ever have responsible programs released. Right now, software makers can get away with selling products that have defects in them on the order of ones that if they were in cars, would send Ford or GM into receivership.
These e-mail worms would never be able to spread in this way if it were not for defects in Microsoft products.
Until software houses are FORCED by liability that can't be EULA'ed away, there will never be wuality control.
=== The price of freedom is eternal vigilance
Okay, as a long-time Mac user and a reader of Linux sites like this, I know that Windows carries a massively larger burden of virii than other Operating Systems out there. Time and time again, I have heard it said that this is due to their market share - hackers want to be seen and thus make their virii attackers of the software that most people have. But this really rings hollow for me - the MacOS has always been relatively free of virii, as has Linux, as has BSD, as has AmigaOS, as has BeOS etc. This seems to imply that maybe aside from marketshare, Microsoft engineers (or marketting staff) are doing something wrong.
Let's take a constructive approach to this topic. With so many SysAdmins out there, what are the TOP TEN things that Microsoft (or any OS maker) can do to prevent virii? I am just a humble Business Analyst, but here are a few ideas that come to mind for me (I hope the coders will forgive my ignorance on some of the finer points):
10. Disable scripting in certain programs (e-mail) by default.
9. Automatically download security pactches to PCs if they are of a sufficient severity level (but put measures in place to make sure the same mechanism is not used to transmit virii/worms)
8. Auto-detect large numbers of e-mails being sent at once and alert users before sending
7. Make the default install for all systems the most secure install
6. Create a system to auto-report virus/worm infections to a central (independent) agency for monitoring (user-selectable kill switch for this functionality should be available tho)
5. Allow purchase of "health insurance" for PCs by Microsoft to reimburse for lost productivity/hardware due to infection - monetary incentive for MS to push quality and security
4. Create a module of the OS to track virus reports/alerts and display them in the taskbar - produces one trusted source for alerts and to decrease the effectiveness of e-mail hoaxes
3. Integrate virus alert into mail program for incoming e-mails - advise users when a known large-scale e-mail virus/worm is out there to decrease openning of infected mail.
2. Give sysadmins the ability to change e-mail setting for all users when a large-scale outbreak is going, to specifically turn off scripting, html reading, java, etc.
1. Provide a method for a daily audit of all processes running on a machine to identify all those not initiated by the user, and flag those taking part in suspicious activity.
Not sure if those are insightful or lame. But feel free to improve upon this list, ad infinitum.
...but then, Boeing jets don't have intrinsic flaws that make them likely to fly into tall buildings.
(BTW... Is there a version of Godwin's law for gratuitous references to terrorism or the WTC yet?)
Then again, maybe Mail/System Admins could install some AV software with daily updates and the Outlook Security Patch along with a backend server (Exchange or OpenMail [now Samsung Contact]) that can implement server-side policies to prevent users from overriding and running executables anyway.
With this done, viruses and worms have little effect.
And the constant reminders to your user-base of proper e-mailing habits does eventually sink in.
Outlook is insecure...yada yada yada...people should take responsibility for their systems and stop blaming Microsoft for everything...after all, they're only responsible for maybe half of the world's problems.
For as long as people keep insisting that sending spam doesn't hurt anyone cause they can just hit the delete key.
No.
The first worms out there (as I recall) were autonomously helping computers - fixing problems, tuning them and so on. All beautiful, the computers fixed themselves.
Until someone came in one morning and found the machines jammed on 100% CPU and playing up. The worm had a bug in it. At which point, research stopped quickly because it was shown just how destructive this sort of thing could be.
Please, nobody try and piggyback helpful code onto an e-mail virus. How sure are you that there isn't a single bug on any possible client platform?
Greg
(Inside a nuclear plant)
Aaaarrrggh! Run! The canary has mutated!
Hey, since when is open source about a single platform?
--
metacell writes "A virus (a version of the Chernobyl virus) infects an email worm executable (the Klez worm), and is spread along with it. " It's a damn good *delete* thing that Microsoft has been *delete* spending the last few weeks doing a *delete* security audit *delete* of all of *delete* ah never mind. My wrist hurts from deleting over a meg of mail worm viruses a day.
Maybe you should tell the people on your contact list to stop opening attachments (or at least get the latest patches). Microsoft is all but Moron proof.
linux machines get hacked into every day. Is it a linux flaw? no...it's a user flaw. So why should Microsoft be nay different? Maybe because they're against open source?
Then again, maybe Mail/System Admins could install some AV software with daily updates and the Outlook Security Patch [google.com] along with a backend server (Exchange or OpenMail [now Samsung Contact]) that can implement server-side policies to prevent users from overriding and running executables anyway.
:)
With this done, viruses and worms have little effect.
And the constant reminders to your user-base of proper e-mailing habits does eventually sink in.
And if there's a street near your house with lots of potholes and cracks, you can get larger tires, better shocks for your car, and instruct your passengers to hold on tight when you turn onto that street.
Or you can just take another street
Getting the city to fix the potholes isn't a bad idea either.
First, Outlook != Outlook Express. Once again, I will say, I agree, it's a joke that scripting is on by default in Outlook. It doesn't take a brain surgeon to figure that one out. Furthermore, I will say that I don't see ANY reason to have Outlook Express (the POP3 client) to have scripting AT ALL (or at the very least requiring a separate download to install)
Also, I don't write Outlook scripts for a living (although I do have several I've writen myself to clean up my mailbox, etc). But, to say it is a feature no one uses (or should use) is wrong. There are businesses that do large portions of there business on Outlook Forms, just as there are lots of folks who have done custom Notes development, and just as there are firms that have done customized oracle forms/applications/workflow development.
DO NOT DISTURB THE SE