Options
New "Bagle" virus variant
Today TrendLabs declared a Yellow Alert to control the spread of PE_BAGLE.Q. There has been numerous infection reports of this malware spreading in Korea and Japan.
[blockquote]This new BAGLE variant propagates via email in two ways. The first method it uses is sending email messages that exploits a known vulnerability in Microsoft Outlook, known as the Object Tag vulnerability in Popup Window (MS03-040). This exploit allows a malicious user to run arbitrary code on a user's system by creating an HTML-based email that exploits this vulnerability.
[/blockquote]
[link=http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE_BAGLE.Q]More Info[/link] - [link=http://www.short-media.com/comment.php?696]Related news[/link] - Submitted by Geeky1
[blockquote]This new BAGLE variant propagates via email in two ways. The first method it uses is sending email messages that exploits a known vulnerability in Microsoft Outlook, known as the Object Tag vulnerability in Popup Window (MS03-040). This exploit allows a malicious user to run arbitrary code on a user's system by creating an HTML-based email that exploits this vulnerability.
[/blockquote]
[link=http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE_BAGLE.Q]More Info[/link] - [link=http://www.short-media.com/comment.php?696]Related news[/link] - Submitted by Geeky1
0
Comments
The Bagle and Netsky virus authors are having a fight\competition\mini-war amongst themselves to see who can impact the most users (this is known as they are taunting each other in the code of the viruses).
Bagle.c, Bagle.d, and Bagle.n are having the most impact in North America right now, by number of infections. Note that Symantec is calling some Bagle variants Beagle, and uses that name for those which are multi-vectored polymorphs with multiple infections per box. Bagle.n actually propagates via P2P like Kazaa, iMesh, and other P2P vectors as well as email.
John D.