Slashdot Mirror

← Back to Stories (view on slashdot.org)

First OpenOffice Virus, Not In the Wild

Posted by kdawson on from the raucous-laughter-in-Redmond dept.

NZheretic writes "According to APCmag, the first cross-platform OpenOffice.org virus — 'SB/Badbunny-A' — was emailed directly to Sophos from the virus developers. The proof-of-concept virus affects Windows, Mac OS X, and Linux systems and uses different methods on each. It has not yet been seen in the wild. Despite Sun's OpenOffice.org developer Malte Timmermann's claims to the contrary, this kind of embedded scripting attack represents a real threat to OpenOffice.org users. Back in June 2000 when Sun first announced the open sourcing of OpenOffice.org, the twelfth email to the open discussion list put forward a two-part solution for providing OpenOffice users with Safe(r) Scripting using restricted-mode execution by default and access by signed digital certificates. In October 2000 the issue of treating security as an 'add-on' feature rather than as a 'system property' was again raised. Is it time to now introduce such measures to the OpenOffice.org Core to greatly reduce any future risk from scripted infections?"

3 of 169 comments (clear)

  1. The real problem by Anonymous Coward · · Score: 5, Funny

    Scripting itself is a virus that spreads through programmers: once a programmer has seen scripting somewhere it doesn't belong, he feels a sudden urge to add scripting to the project he's working on.

  2. Re:The backdoor from hell by truthsearch · · Score: 5, Funny

    I give it about 9 months before something ala SOBig/Blaster hits the *nix scene...

    You just conceived it? Congratulations! Do you have a name picked out?

    --
    Developers: We can use your help.
  3. Re:The backdoor from hell by ettlz · · Score: 5, Funny

    You just conceived it? Congratulations! Do you have a name picked out?

    The "backdoor from hell" already has a name: hello.jpg.