20 March 2004

---Trickier and More Dangerous

The latest PC virus to hit unsuspecting users is trickier and more dangerous. Called Beagle or Bagle (but not Bagel) depending on the antivirus vendor, the new virus takes advantage of a five-month-old vulnerability in Microsoft's Internet Explorer (IE). Its novel technique to propagate involves a new trick that allows it to use a URL in the message to download the malicious code.

Brilliant, huh? The virus writers are getting more and more creative! To our detriment, of course.

Conventional wisdom tells us that PC users now understand that it's dangerous to open strange attachments they're not expecting, especially from strangers or, sometimes, even from friends who have unknowingly sent a virus.

The cunning Beagle virus, however, displays its ingenuity by only requiring a recipient to open the email or view it within the Outlook preview frame, where some invisible HTML code downloads and infects a PC through a known flaw in the IE browser.

As if to console irate IE users, the geeks at Redmond gave the assurance that those who have been downloading Microsoft's patches with discipline shouldn't have any problems.

But what about the majority who are either busy or undisciplined enough to download? God knows how I long for Microsoft products to stop being a "work-in-progress" and instead churn out quality softwares that need little updates and tweaks.

Why is the case always bulletins trumpeting that there is "a hole" in our Microsoft softwares that needs to be patched? Weren't they expecting these vulnerabilities? Why remedy them in the middle of the game?

This always leaves the consumer helpless, left with no choice but to download the patches or else suffer the dire consequences.

Moreover, what really worries me is the strong probability that this will further encourage other virus writers to use the new cleverly deceptive approach of Beagle to spawn sneakier viruses in the future.


0 reactions: