Slashdot Mirror


Bugbear Windows Virus Making the Rounds

lysurgon writes "CNN.com is reporting that the "BugBear" virus (Windows/Outlook only) is spreading quickly. Unlike ILovYou-type viri, instead of deleting files or just propagating itself, this animal disables firewall software and opens a port to receive remote commands. The article doesn't draw this conclusion, but this effectively sets up slave machines for DDoS uses. Also worth noting is the puzzlement of anti-virus guys as to why they haven't been able to make the virus spread in the lab. "One of the theories is that this requires an Internet connection in order to spread." Gee, you don't say?"

2 of 449 comments (clear)

  1. Re:The relationship destroyer by Pedrito · · Score: 5, Interesting

    I just noticed the "Windows/Outlook Only" part of the post. Maybe Windows, but not Outlook only. My mother uses Netscape mail (at least a 3 year old version), and it's obviously quite compatible with the virus.

  2. Re:Why is anyone running outlook anymore? by Osty · · Score: 5, Interesting

    why would anyone purposely run Outlook or Outlook Express as their mail client?

    I can't personally speak for OE, as I've not used it in years, but I use Outlook XP because it's the best mail client I've found. I've never been infected by a virus in Outlook XP, because by default it strips malicious attachments (no, I'm not confusing that with an Exchange or mail server stripping those attachments -- we do that at work, sure, but I use Outlook at home with my postfix setup, and I know I'm not stripping attachments there, yet Outlook XP still strips the dangerous attachments). Out of the box, Outlook XP requires you to screw around to shoot yourself in the foot -- it warns you when you try to open an attachment, it'll tell you when there's possibly malicious script in a message and not let you view it in the preview pane, and so on. In short, you actually have to take action to get infected by a virus if you're using Outlook XP.


    Just to clear up any possible misconceptions, Outlook and Outlook Express are two completely different products, with completely different codebases, developed by two completely different teams. The only thing they share is the word "Outlook".