It isn't spread if run from Outlook; it isn't even RUN from Outlook.
You seem to be right that it does not need to be run from Outlook (I'm no VB expert), but it seems to me that you need Outlook to be installed on your system. From the VBS source:
[cut] sub spreadtoemail() On Error Resume Next dim x,a,ctrlists,ctrentries,malead,b,regedit,regv,rega d set regedit=CreateObject("WScript.Shell") set out=WScript.CreateObject("Outlook.Application") set mapi=out.GetNameSpace("MAPI") [cut]
It looks to me like WScript.CreateObject("Outlook.Application") would fail if you don't have Outlook. It also looks like it would also fail if Outlook isn't even running (since Outlook.Appllication, AFAIK, shouldn't be defined unless Outlook is running).
It doesn't go anywhere NEAR Outlook...
I don't think so. See above.
To the/. admins: why can't we use <pre> tags in our posts?
This virus has nothing to do with Outlook. It'll affect any mail client, be it Eudora Pro, Pegasus Mail, Outlook Express or any other that allows you to save attachments.
It may affect users of other mail clients, in the sense that it will erase files and such, but it only spreads itself if it is run from Outlook. The fact that almost everyone is using Outlook is what allowed the worm to spread.
If someone sent a particularly stupid Linux user a bash script that did the same thing, would they fall prey to it?
Any Linux user stupid enough to run a shell script without looking at it first deserves to have bad things happen to him. Besides, you'd have to know something in order to figure out how to run the script. No mailer (that I know of, at least) will run the script itself, so you'd have to save it to a file, set it as executable, and then run it. If you know how to do that, chances are you're smart enough to have a look at the script and notice that it has a bunch of rm commands.
Slashdot Mirror
Maybe the author has something against MS software. ;) Or just doesn't know any better.
You seem to be right that it does not need to be run from Outlook (I'm no VB expert), but it seems to me that you need Outlook to be installed on your system. From the VBS source:
[cut]a d
sub spreadtoemail()
On Error Resume Next
dim x,a,ctrlists,ctrentries,malead,b,regedit,regv,reg
set regedit=CreateObject("WScript.Shell")
set out=WScript.CreateObject("Outlook.Application")
set mapi=out.GetNameSpace("MAPI")
[cut]
It looks to me like WScript.CreateObject("Outlook.Application") would fail if you don't have Outlook. It also looks like it would also fail if Outlook isn't even running (since Outlook.Appllication, AFAIK, shouldn't be defined unless Outlook is running).
I don't think so. See above.
To the /. admins: why can't we use <pre> tags in our posts?
It may affect users of other mail clients, in the sense that it will erase files and such, but it only spreads itself if it is run from Outlook. The fact that almost everyone is using Outlook is what allowed the worm to spread.
Any Linux user stupid enough to run a shell script without looking at it first deserves to have bad things happen to him. Besides, you'd have to know something in order to figure out how to run the script. No mailer (that I know of, at least) will run the script itself, so you'd have to save it to a file, set it as executable, and then run it. If you know how to do that, chances are you're smart enough to have a look at the script and notice that it has a bunch of rm commands.