Slashdot Mirror

← Back to Stories (view on slashdot.org)

First OpenOffice Virus, Not In the Wild

Posted by kdawson on from the raucous-laughter-in-Redmond dept.

NZheretic writes "According to APCmag, the first cross-platform OpenOffice.org virus — 'SB/Badbunny-A' — was emailed directly to Sophos from the virus developers. The proof-of-concept virus affects Windows, Mac OS X, and Linux systems and uses different methods on each. It has not yet been seen in the wild. Despite Sun's OpenOffice.org developer Malte Timmermann's claims to the contrary, this kind of embedded scripting attack represents a real threat to OpenOffice.org users. Back in June 2000 when Sun first announced the open sourcing of OpenOffice.org, the twelfth email to the open discussion list put forward a two-part solution for providing OpenOffice users with Safe(r) Scripting using restricted-mode execution by default and access by signed digital certificates. In October 2000 the issue of treating security as an 'add-on' feature rather than as a 'system property' was again raised. Is it time to now introduce such measures to the OpenOffice.org Core to greatly reduce any future risk from scripted infections?"

13 of 169 comments (clear)

  1. The real solution by Rix · · Score: 4, Insightful

    Is to stop enabling scripting by default in software that has no real need of scripting. Hasn't even Microsoft learnt this by now?

    1. Re:The real solution by saibot834 · · Score: 4, Informative

      The real solution is to be careful wherever you can. Don't open email attachments of an unknown sender. Don't visit untrustworthy websites. Caution is still the best weapon against viruses.

    2. Re:The real solution by truthsearch · · Score: 4, Insightful

      Ever work in a financial company? Some live almost entirely off of their scripted Excel spreadsheets. There is a lot of value in allowing spreadsheets to support scripting. But it's the abilities of those scripting languages that's a real problem. Just like JavaScript needs to be limited in scope within a web browser, so too should the spreadsheet scripts. Unfortunately these office suite scripts are often used for things like disk access to import data.

      --
      Developers: We can use your help.
    3. Re:The real solution by needacoolnickname · · Score: 4, Insightful

      What is an untrustworthy website?

    4. Re:The real solution by u-bend · · Score: 4, Funny

      I dunno, doesn't call after the first date, doesn't stick up for you in a debate, cheats on you, and lies about it.

      --
      u-bend
    5. Re:The real solution by morgan_greywolf · · Score: 4, Funny

      A untrustworthy website is a website that
      - has content linked in (THAT would open a whole can of trust-this-trust-that now would it!)
      - has bugs in web, app or db server.
      - accepts malicious content including links to content
      - you don't know if you can trust everyone with or who could get admin access to that server.


      Hmmm...this sounds familiar.

      I think you just described Slashdot.

      -- a really old /. user who remembers ALL the bugs in slash and MySQL that plagued this site.
      --
      My blog
  2. The backdoor from hell by packetmon · · Score: 4, Interesting

    So how long should we count down to until someone embeds the backdoor from hell in not only Linux, but Solaris, then the BSD's... As an FYI... I've got a functional backdoor-worm for Free and Open ... Just makes no sense to even post it. Many don't even get what I mean when I state "there is a world of pain coming your way if you do that" ... Mark the calendars, I give it about 9 months before something ala SOBig/Blaster hits the *nix scene...

    --
    Infiltrated dot Net
    1. Re:The backdoor from hell by truthsearch · · Score: 5, Funny

      I give it about 9 months before something ala SOBig/Blaster hits the *nix scene...

      You just conceived it? Congratulations! Do you have a name picked out?

      --
      Developers: We can use your help.
    2. Re:The backdoor from hell by ettlz · · Score: 5, Funny

      You just conceived it? Congratulations! Do you have a name picked out?

      The "backdoor from hell" already has a name: hello.jpg.

  3. Documents shouldn't run code by Anonymous Coward · · Score: 4, Insightful

    Documents shouldn't run scripts unless explicitly authorized to do so. That goes for word processors, spreadsheets, PDF readers, email clients and web browsers. The problem is that the world is full of dickheads who needlessly distribute documents that require executing script, so users end up clicking yes every time.

    Imagine how few viruses and trojans there would be if requiring script was the exception rather than an unfortunate rule.

    Oh well, we can all dream.

  4. The real problem by Anonymous Coward · · Score: 5, Funny

    Scripting itself is a virus that spreads through programmers: once a programmer has seen scripting somewhere it doesn't belong, he feels a sudden urge to add scripting to the project he's working on.

  5. Finally feature compatible with Office by RobertM1968 · · Score: 4, Funny

    :BEGIN HUMOR:
    Well, finally OpenOffice has become a viable Office Suite, having finally added the most notable features of Office, namely script exploit capabilities. It's about time... now there is nothing keeping people from switching to OO!!!
    :END HUMOR:

    --
    StarTrekPhase2 - The Five Year Mission Continues!
  6. Re:OO already does that. by Macthorpe · · Score: 4, Insightful

    OO's default is to not run macros. The user get's a warning and has to say "yes" to the thing. This is the best that can be done and still be "compatible" with M$ Office. Isn't this the exact same 'security feature' that you've been saying is so shit about Vista?
    --
    "It does not do to leave a live dragon out of your calculations, if you live near him." - Tolkien