[10032] in bugtraq
Re: Melissa Macro Virus
daemon@ATHENA.MIT.EDU (Nick FitzGerald)
Mon Mar 29 15:57:26 1999
Date: Mon, 29 Mar 1999 17:39:38 +0000
Reply-To: nick@virusbtn.com
From: Nick FitzGerald <nick@VIRUSBTN.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.96.990327122330.31438C-100000@ferret.lmh.ox.ac.uk>
Matthew Kirkwood <weejock@FERRET.LMH.OX.AC.UK> wrote:
> > Check HKCU\Software\Microsoft\Office\Melissa? for the string "... by
> > Kwyjibo"
>
> Surely just adding this key would provide effective safety? (Until
Define "safety".
All that key is used for is deciding whether to run the Email
payload or not. If you consider it safe to run the infective part of
the virus, have it run all round your Word users and then have them
distribute it via "normal" document sharing patterns to people who
may not have taken adequate precautions, then yes, it is "safe".
> modified versions hit the streets, anyway - ain't "open source" great
> :)
It is in some circumstances **if** you understand it...
Regards,
Nick FitzGerald,
Virus Bulletin.
