Security

Virus Alert! Bubbleboy e-mail virus doesn't need to be executed to trigger

A potentially dangerous virus has been identified by software security researchers. Named Bubbleboy, the virus can trigger even if victims don't execute an attachment.

Do not open e-mail messages with the subject line “Bubbleboy is back.” Why not? The e-mail message could be infected with a dangerous new virus that need not be executed to trigger.

Named VBS.Bubbleboy (or just Bubbleboy, depending on who you ask), the potent new virus has been mailed to software security researchers. To date, it's believed that the VBS.Bubbleboy virus doesn't actually exist on the Internet.

Inspiration taken from Seinfeld TV program
Apparently, the coders who created the program were inspired by the Seinfeld television program. Once activated, the virus assumes Seinfeld themes, changing the name of the computer’s owner to Bubbleboy, and the company name is changed to Vandelay Industries, among other actions. The program also reads Outlook directories and mails itself to addresses it finds.

However, the worm program is making news not only because of its references to the popular TV show, but also because of its potent new behavior. The e-mail virus, which exploits known holes in Microsoft Outlook, can execute if a victim simply opens the e-mail. An attachment doesn't have to be executed to trigger the malicious code.

According to CNET , victims must be “running Microsoft's Outlook e-mail program, Windows 95, 98, or 2000, and Internet Explorer 5.0 or higher” to be affected. Symantec’s AntiVirus Research Center adds that Windows Scripting Host must also be installed.

Get the patch
Fortunately, it appears that VBS.Bubbleboy is easily thwarted. A patch posted to Microsoft’s Web site back in August can defeat the virus.
If you'd like to share your opinion, please post a comment below.
0 comments

Editor's Picks