Bugbear Windows Virus Making the Rounds

lysurgon writes "CNN.com is reporting that the "BugBear" virus (Windows/Outlook only) is spreading quickly. Unlike ILovYou-type viri, instead of deleting files or just propagating itself, this animal disables firewall software and opens a port to receive remote commands. The article doesn't draw this conclusion, but this effectively sets up slave machines for DDoS uses. Also worth noting is the puzzlement of anti-virus guys as to why they haven't been able to make the virus spread in the lab. "One of the theories is that this requires an Internet connection in order to spread." Gee, you don't say?"

Re:Why is anyone running outlook anymore?

[gblues]

Unfortunately, people who use MSN as their ISP are forced to use MS LookOut as their e-mail client because the SMTP servers require "Secure Password Authentication" support, and none of the clients you have listed support it.

Score one for vendor lock-in!

Nathan

Because the patch has been out for ALMOST 2 YEARS!

[SlashChick]

The vulnerability that this exploits in Outlook and Outlook Express has been patched since March 29, 2001.

If you run Apache and haven't patched since March 2001, you're vulnerable.

If you run OpenSSL and haven't patched since March 2001, you're vulnerable.

If you run WU-FTPd, Sendmail, or any other numerous programs with vulnerabilities and haven't patched since March 2001, you're vulnerable.

At this point, there is no one left to blame but people who simply never update their computers. It's the same g&^damn hole that this exploits every single time, folks. Outlook 2000's patch has been out for well over a year. Outlook XP doesn't even HAVE this vulnerability!

Stop whining about what programs other people choose to run, and encourage them to learn how to patch their systems. No matter what OS you run, patching it is going to be important. Windows XP, Mac OS X, Debian, and Red Hat all make it incredibly easy to patch your system. People spreading this crap around no longer have an excuse.