[3088] in WWW Security List Archive
Re: New and destructive word macro virus
daemon@ATHENA.MIT.EDU (John Lowry)
Thu Sep 26 12:40:28 1996
Date: Thu, 26 Sep 1996 09:57:54 -0400
From: John Lowry <jlowry@bbn.com>
To: www-security@ns2.rutgers.edu, ivan@club-internet.fr
Cc: best-of-security@suburbia.net
Errors-To: owner-www-security@ns2.rutgers.edu
So ...
Does it remove netscape.exe or internet explorer ?
:-)
> From owner-www-security@ns2.rutgers.edu Wed Sep 25 18:49:28 1996
> Date: Wed, 25 Sep 1996 21:30:24 +0200
> From: ivan <ivan@club-internet.fr>
> MIME-Version: 1.0
> To: www-security@ns2.rutgers.edu
> CC: best-of-security@suburbia.net
> Subject: New and destructive word macro virus
> Content-Transfer-Encoding: 7bit
>
> A new macro virus word has been found
>
> Informations i have :
> - uses path variable to find a target
> - deletes (!) the target
>
> Type : assembles itself in Normal.dot through multiple word documents
>
> Protection : nothing with Fprot, not recognized by antivirus software
>
> Question :
>
> Except a change in normal.dot Size, how could we prevent these macros to
> infect entire file (.doc & .dot) systems ?
>
> Your answer is urgently needed, if you need a description of an infected
> macro, we could send you one !!
>
> If you are not sure of the seriousness of this message, let me know..
> the point is this awful sh.. already deleted my DOS, NOTES, & WINDOW
> directory.
>
> Any suggestions...
>
> Help urgently required ...
>
