[58928] in North American Network Operators' Group
Re: Bugbear.b (worm du jour)
daemon@ATHENA.MIT.EDU (Jack Bates)
Thu Jun 5 21:56:48 2003
Date: Thu, 05 Jun 2003 20:55:07 -0500
From: Jack Bates <jbates@brightok.net>
To: nanog@merit.edu
In-Reply-To: <20030605184744.A3779@cs.uoregon.edu>
Errors-To: owner-nanog-outgoing@merit.edu
Eric Anderson wrote:
> Is this showing up as an issue for anyone? All I'm looking at is an MSNBC
> story which gives me the impression that it's a pretty low-bandwidth deal. It
> sounds like it requires intervention by the end user (or a system reboot) to
> activate it, so the propagation rate ought to be very low.
>
That is a very bad assumption to make. Not all AV software can detect
the various variations of it yet. In addition, there are many EU's that
will still run any executable that shows up in their inbox. Many reports
of the Microsoft Patch scam being used with this one.
It is multi-part mime, so my current stripping methods will protect the
mailboxes on my system.
-Jack
