|
'Bubbleboy' E-Mail Virus Emerges
Virus Atttacks Microsoft Outlook; Doesn't Need To Be Opened To Be Activated
By RON HARRIS
.c The Associated Press
SAN FRANCISCO (Nov. 10) - Computer security experts are warning of a
dangerous new e-mail virus, one able to destroy information even when users
don't fully open their messages.
''Bubbleboy,'' apparently nicknamed after an episode of the TV show
''Seinfeld,'' is the first known e-mail virus that doesn't even need to be
fully opened to be activated. Just highlighting the e-mail's subject line in
Microsoft Outlook Express activates its hidden code.
It also takes every address in a computer's e-mail program and passes the
virus along.
Researchers at Network Associates, a Santa Clara computer security company,
said ''Bubbleboy'' could become the framework for the easy delivery of a host
of malicious programs.
''This ushers in the next evolution in viruses. It breaks one of the
long-standing rules that you have to open an e-mail attachment to become
infected,'' spokesman Sal Viveros said. ''That's all changed now.''
''Bubbleboy'' was e-mailed late Monday to Network Associates and the company
put a free software patch capable of blocking the attack on its Web site the
next day.
The company isn't certain who sent the virus, but researchers believed the
threat is so serious that they notified the FBI, said Vincent Gullotto,
director of the company's virus detection team.
''It could basically disable your PC easily,'' Gullotto said. ''This could be
a watershed.''
The virus sent Monday night was more playful than destructive as it worked
its way through a computer's hard drive, renaming the computer's registered
owner as ''Bubbleboy'' and making other ''Seinfeld'' references.
Such a display can be a warning salvo. Gullotto said more destructive
versions of the virus could soon follow.
''This could be the catalyst,'' Gullotto said. ''While the Melissa virus was
'hell coming to dinner,' we have reassessed that and know that something
bigger, meaner and nastier is on its way.''
The Melissa computer virus clogged e-mail systems around the world when it
hit in March, but many computer users were able to avoid trouble by deleting
e-mails without reading them. Like previous e-mail viruses, Melissa wreaked
havoc only after users double-clicked an attachment to the seemingly benign
messages.
''Bubbleboy'' only requires that the e-mail be previewed on the Inbox screen
of Microsoft's Outlook Express, a popular e-mail program. As soon as the
e-mail is highlighted, without so much as a click of a mouse, it infects the
computer.
The virus appears as a black screen with the words ''The Bubbleboy incident,
pictures and sounds'' in white letters.
It affects computers with Windows 98, Windows 2000 and some versions of
Windows 95 that also use Microsoft's Internet Explorer 5.0 and Outlook
Express Web browser and e-mail programs, Gullotto said. It apparently does
not affect Netscape's e-mail programs.
Even without Network Associates' software patch, there is an easy fix.
Enabling Microsoft's highest-security e-mail filter will keep the virus from
entering.
Microsoft spokesman Adam Sohn said Tuesday night that anyone who downloaded
the August upgrade to Internet Explorer 5.0 already is protected from
''Bubbleboy.''
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
