Slashdot Mirror


'Bagle' Worm Heading For A Windows PC Near You

mrSinclair writes "the 'Bagle' or 'Beagle' worm is expected to hit the U.S. by midweek, probably Tuesday as many employees return from a three-day weekend." He points to this Washington Post story (via Yahoo!), which describes the Windows mass-mailing worm as being transmitted via email as an .exe attachment and as installing "a program that lets attackers connect to infected machines, install malicious software or steal files." The article says Bagle has been detected in more than 100 countries. Other readers have sent in links to coverage at the BBC and at SearchSecurity.com.

6 of 606 comments (clear)

  1. Re:Windows is not to blame !! by Anonymous Coward · · Score: 5, Insightful

    > Then you'd need to "chmod +x

    This all really depends on how much "Shell Integration" your Unix desktop has.

    It's quite possible that a Unix Mailer would look at the file extention (.pl, .py, etc) and just go launch the script intepreter when you double-click on the file. This does not require +x access!

    KMail was caught launching PE EXE viruses using Wine for example.

    In reality, most of these mail viruses have nothing to do with OS security and everything to do with poorly designed mailers and dumb users.

  2. Hah Hah That's Insightful... by Greyfox · · Score: 5, Insightful
    But if you move the users over to Linux or OSX they'll still execute attachments. The solution is to set their mouse up so that whenever they open an attachment, they get a shock. The more they open attachments, the more they get shocked. Eventually the problem will go away (Either when they stop opening attachments or when the shocks become fatal...)

    We had the same executable attachment problem back when I was in school in the late '80s. Our VM Mainframe E-Mail system got shut down because of some christmas card program that remailed itself to everyone in your address book. Sound familiar?

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  3. Re:Antivirus Company Submissions by ajs318 · · Score: 5, Insightful
    If everyone used Linux instead of Windows, then the virus writers would write viruses for linux instead!
    Yeah, probably; only, thanks to something called "privilege separation", they would never get transmitted anywhere. At least, not on a well-set-up system ..... Even on a slightly-badly-set-up system, there will be log files kicking around to show what sort of thing was happening.
    The virus doesn't exploit any massive windows bug.
    Well, maybe I have a warped sense of priorities, but I'd regard running everything as the equivalent of "root" as a pretty massive bug .....
    running unknown code is NOT a good idea on ANY operating system.
    Agreed -- which is why I insist to have the source code for every piece of software I run.
    --
    Je fume. Tu fumes. Nous fûmes!
  4. Re:Antivirus Company Submissions by originalTMAN · · Score: 5, Insightful

    You could create a priveledged system since NT. Heres a scenario for you, Linux comes preinstalled on every new computer sold and is the dominant OS. Do you think resellers would setup non-root/non-rootlike accounts for the user? It's not like they couldn't do that with 2k or XP. And what about the bagillion possible daemons that the reseller might turn on just to make things even easier for the user? do you think the reseller would educate the buyer on the importance of actually maintining a system or firewalls? *nix (as much as I love it) is not the be all, end all to this little annoyance. Education is. If people were educated on how to actually use their machine, this problem wouldn't exist.

  5. Re:Antivirus Company Submissions by Animaether · · Score: 5, Insightful

    So basically it exploits user stupidity. Thanks for putting it so eloquently :)

  6. Re:Antivirus Company Submissions by NemoX · · Score: 5, Insightful

    Yeah, but how much time do you spend trying to make sure you don't get anything? Searching for viruses on my 2.8GHz SATA 150 through less than 30GB of data on a RAID 0 drive takes HOURS. Then another 5-10 minutes everytime you install a program to make sure it's not kitted with spyware and such crap. Besides even normal users can install stuff in linux (contained to their home directory, only), whereas you cannot in windows, which forces Windows' users to Admin up EVERY time , which GREATLY increases the virus' accessibility. Plus the file structure is alot more accessable to normal users in Windows. Remember, the UNIX backbone has been around WAY before Gates stole DOS from that poor guy. If Windows users didn't have to admin up so much, they would be less inclined to log in as root all the time. I mean, even the "Run as.." function is hidden in windows! you have to hold the Shift key down while right mouse clicking to get it! If they can't figure out how to run as/su without jumping through hoops, of cource they are going to login and run everything as admin. I NEVER run Linux as root, I ALWAYS run windows as admin. It's just too much of a pain in the @ss in windows. Does the world need better PC education, or a better OS? I think we need both.