Bugbear Windows Virus Making the Rounds

lysurgon writes "CNN.com is reporting that the "BugBear" virus (Windows/Outlook only) is spreading quickly. Unlike ILovYou-type viri, instead of deleting files or just propagating itself, this animal disables firewall software and opens a port to receive remote commands. The article doesn't draw this conclusion, but this effectively sets up slave machines for DDoS uses. Also worth noting is the puzzlement of anti-virus guys as to why they haven't been able to make the virus spread in the lab. "One of the theories is that this requires an Internet connection in order to spread." Gee, you don't say?"

Re:Safe and secure

[OeLeWaPpErKe]

Explain how a proxy protects you ?

-> It inconveniences users : jup
-> It poses problems for a *large* number of network protocols : jup
-> It is still exploitable : jups (shell commands can EASILY be sent in a http page)

get a clue

Re:Why is anyone running outlook anymore?

[1g$man]

i haven't gotten viruses in outlook. when will i get what i deserve?

oh... when i become as dumb as a typical slashtroll. heh.

Funny

[Tim+Ward]

This is an exploit of a hole that was fixed last year, yet it makes the /. front page??

However the last two major outbreaks which exploited holes patched yonks ago didn't make the /. front page. Would that perhaps be because this one is a Windows exploit and the last two were Linux/Apache exploits, by any chance, just possibly?

Re:Funny

[runderwo]

Uh, name those exploits, and I'll let you know where Slashdot posted them. KTHX

Re:Funny

[Seclusion]

I'll tell you why these stories should be on /. every time a new outbreak happens. So we the informed tech community remind the majority who run Windows to practice safe internet/pc habits. Meanwhile you may score some brownie points with friends/family/coworkers by guiding them toward the fixes they need.

Re:Funny

[The+Bungi]

You apparently don't read Slashdot enough if you think they don't cover Linux worms in some attempt to make Linux look more secure than it is.

You apparently don't understand the term "security through obscurity". There have been dozens of Linux and thrid party vulnerabilities that are mentioned in passing is Slashback or delegated to one of the topic sections without making it to the front page. Off the top of my head, here's one. It doesn't matter if it's Slashcode or Apache or SSH. It's always "HEY, ANOTHER IE SECURITY HOLE!!!1!!" and 'obythewaytheresanewsshexploitkthx'

If you want to be on top of security issues, follow SecurityFocus, not Slashdot.

When one of these finally makes it to the front page, it's filled with "No, it's Symantec's fault" and "fuck Micro$oft" posts instead of recognizing the problems for what they are - plain and simple software bugs. It happens to the best of us.

Apache is far more secure than IIS and Pine is more secure than Outlook. No one is trying to deny or contest that, au contraire. But I'll be fucked if I understand why Slashdot does this sort of thing. Maybe you can explain it to us.

Funny that pretty much any "bash slashdot" post can get modded up, even if it is completely (and provably) false.

Funny that pretty much any misguided and FUD-ish post attempting to defend Slashdot from something it is clearly guilty of gets modded up.

How to cripple Macintrash

[MattCohn.com]

Turn it on.

Re:Because the patch has been out for ALMOST 2 YEA

[cscx]

Why don't you go suck on an inherently huge cock? No wonder you're on my foes list, god damn you're an asshole. Someone tries to inject the first bit of rational thought that I've seen into this totally redundant useless thread, and you try and bring it down. Why don't you pull your unixish head out of your ass and get a clue?