Halo, ini beneran nih! Ada virus namanya BubbleBoy, dia cuman ngenain Outlook dari release 4 dan 5 Ini deskripsinya: dari http://www.av.ibm.com/Alert/BubbleBoy.html ============================================= Recently, a new Outlook-aware virus has been in the news -- called VBS/BubbleBoy, the virus is notable because it does not require the user to launch an attachment. As soon as an email message containing BubbleBoy is opened, the virus is activated. Upon activation, the virus uses a security flaw in a particular ActiveX control to drop a file called UPDATE.HTA into the user's startup group, from where it will be launched the next time the user logs into the system. This file is an 'HTML application' file -- it contains standard HTML wrapped up in a binary file. Inside the HTML is VBScript that uses Outlook to send messages (see figure 1) to everyone in all of the accessible Outlook address books -- this includes enterprise-wide address books held on the server. The local user will see a message requesting that he deletes UPDATE.HTA (see figure 2). BubbleBoy uses the registry to ensure that the payload is not executed more than once -- it uses the value HKEY_LOCAL_MACHINE\Software\OUTLOOK.BubbleBoy for this purpose. In addition, it changes the registered owner and organisation for the current windows installation to 'BubbleBoy' and 'Vandelay Industries' respectively. ============================================= dari: http://www.ust.hk/itsc/desktop/antivirus/ ============================================= VBS/Bubbleboy is the very first worm that is able to infect without opening the attachment. Similar in action to the Melissa virus, it will forward itself to every contact in every Outlook or Outlook Express email address book on the infected user's computer. The subject line of infected messages is: "BubbleBoy is back!". Outlook users are advised to apply the vulnerability patch from Microsoft. Please refer to Virus Highlights for details. ============================================= http://www.microsoft.com/security/Bulletins/ms99-032.asp ============================================= Microsoft has released a patch that eliminates security vulnerabilities in two ActiveX controls. The net effect of the vulnerabilities is that a web page could take unauthorized action against a person who visited it. Specifically, the web page would be able to do anything on the computer that the user could do. This issue involves two ActiveX controls, scriptlet.typelib and Eyedog. These controls are not in any way related to each other; their only relationship is that both are incorrectly marked as "safe for scripting" and can therefore be called from Internet Explorer. ============================================= Nanti ada link ke download patchnya dari Microsoft, tinggal ikutin aja... Salam, hati-hati, Saranto -= Dual T3 Webhosting on Dual Pentium III 450 - www.indoglobal.com =- To unsubscribe, e-mail : [EMAIL PROTECTED] To subscribe, e-mail : [EMAIL PROTECTED] Netika BerInternet : [EMAIL PROTECTED]
