[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
MEDIA RELEASE: FIRST VIRUS TO ACTIVATE WHEN AN E-MAIL IS OPENED
Questo e' un messaggio che riguarda outlook che avevo ricevuto.
>Delivered-To: bassein@orsola-malpighi.med.unibo.it
>X-Sender: flescher@popmail.libero.it
>X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.3 (32)
>Date: Wed, 10 Nov 1999 20:41:41 +0100
>To: sottili@alma.unibo.it,stat2@orsola-malpighi.med.unibo.it,
> bassein@orsola-malpighi.med.unibo.it
>From: Marita Nasman-Repo <Marita.Nasman-Repo@datafellows.com> (by way of
pac0838@iperbole.bologna.it)
>Subject: MEDIA RELEASE: FIRST VIRUS TO ACTIVATE WHEN AN E-MAIL IS OPENED
>
>
>This press release comes from Data Fellows. For more
>information on Data Fellows' mailing list policy,
>see end of message.
>
>FIRST VIRUS TO ACTIVATE WHEN AN E-MAIL IS OPENED
>
>Data Fellows warns the public of potential future threat
>
>Espoo, Finland - November 10, 1999 - Data Fellows Corporation, a leading
>provider of Internet security solutions, today announced the first virus
found
>which activates by opening an e-mail message. VBS/Bubbleboy is the very first
>worm that is able to infect without opening an attachment. The worm will
>execute immediately after the user has opened the message in Microsoft
>Outlook.
>
>As of Tuesday afternoon, Data Fellows had received no reports of this virus
>being in the wild, and it is not considered a big threat. However, Data
>Fellows
>wishes to warn the public of this new infection mechanism. The worm
propagates
>as a Microsoft Outlook message. This message does not have a separate
>attachment, but the worm code is included in the message itself. However, if
>active scripting is disabled, the worm will not work. The worm uses ActiveX
>features to open Microsoft Outlook and uses it to send itself to all
>recipients
>in all address books, like the Melissa virus.
>
>The message contains the following:
>
> From: (name of infected user)
> Subject: BubbleBoy is back!
> Body: The BubbleBoy incident, pictures and sounds
>
>The reference to Bubbleboy and the above link are references to a
character in
>an episode of the TV show "Seinfeld".
>
>The receiver of the e-mail becomes infected and spreads the worm without
>opening any attachment. The message does not contain any attachments. The
mass
>mailing is executed only once per infected machine.
>
>After the mass mailing, the worm will display a message box with the
following
>text:
>
> System error, delete "UPDATE.HTA" from the startup folder to solve
> the problem.
>
>Bubbleboy is only able to spread under Microsoft Outlook 98, Microsoft
Outlook
>2000 and Microsoft Outlook Express that comes with Internet Explorer 5. It
>does
>not replicate under Windows NT. Bubbleboy uses a known security hole in
>Microsoft Outlook to create the local HTA file.
>
>Microsoft has more information on this problem available at:
>http://www.microsoft.com/Security/Bulletins/MS99-032faq.asp
>
>They also have a patch to fix this problem at:
>http://www.microsoft.com/security/Bulletins/ms99-032.asp
>
>More technical information and screenshots of the virus are available at:
>http://www.DataFellows.com/v-descs/bubb-boy.htm
>
>
>About Data Fellows Corporation
>
>Data Fellows is a leading developer of centrally managed, widely distributed
>security solutions. The company offers a full range of award-winning,
>integrated anti-virus, file encryption and VPN solutions for workstations,
>servers and gateways. F-Secure products and Framework are uniquely suited for
>delivery of Security as a Service™ by enterprise IT departments as well as a
>wide range of partners including ISPs, outsourcing firms and ASPs. For the
>end-user, Security as a Service is invisible, automatic, reliable, always-on,
>and up-to-date. For the administrator, Security as a Service means
>policy-based
>management, instant alerts, and centralized management of a
>massively-distributed user base.
>
>Founded in 1988, Data Fellows is listed on the Helsinki Stock Exchange. The
>company is headquartered in Espoo, Finland with North American
headquarters in
>San Jose, California, as well as offices in Canada, Germany, China, France,
>Japan and the United Kingdom. Data Fellows is supported by a network of VARs
>and Distributors in over 90 countries around the globe.
>
>For further information, please contact
>
>USA:
>
>Data Fellows Inc.
>Mr. Dan Takata, Technical Support
>Tel. +1 408 938 6700,
>Fax +1 408 938 6701
>E-mail: Dan.Takata@DataFellows.com
>
>Finland:
>
>Data Fellows Corporation
>Mikko Hyppönen, Manager, Anti-Virus Research
>PL 24
>FIN-02231 Espoo
>Tel. +358 9 859 900,
>Fax. +358 9 8599 0599
>E-mail: Mikko.Hypponen@DataFellows.com
>
>http://www.DataFellows.com/
>
>Mailing list policy
>
>You have previously expressed interest in our products, or have asked
>to be included on one of our press release lists by personally giving us
>your e-mail address for this purpose.Our mailing list are for the
>exclusive use and the expressed purpose of Data Fellows and are not
>sold or or given to third parties.
>
>If you no longer wish to receive our press releases, or your email address
>has been added to our lists without your consent, you can unsubscribe at
>http://www.DataFellows.com/news/subscribe.html
>
>If you only wish to receive our press releases concerning viruses,
>please go to
>http://www.DataFellows.com/news/subscribe.html
>and first unsubscribe from
>press-english-interest@lists.datafellows.com
>and then subscribe to
>press-english-virus-announcement@lists.datafellows.com
>
>________________________________________________
>
> Marita Nasman-Repo tel: +358 9 8599 0613
> Communicator fax : +358 9 8599 0599
> mobile: +358 40 517 4613
>
> Data Fellows Corporation http://www.DataFellows.com
>
> F-Secure products: Integrated Solutions for Enterprise Security
>_________________________________________________
>
>
>
>