[Dshield] New worm developed that spreads using Acrobat files
Samuel at socal.rr.com
Tue Aug 21 22:34:42 GMT 2001
It says that "it is a just-created laboratory virus" and is not clear to me
whether it has been released yet, but I realize we cannot depend on the
developers to announce it's release.
Notice that toward the end it says that it "requires the presence of both
Outlook and the full Acrobat program, not just the Reader". It is not clear
to me whether those of us without the full Acrobat program have any reason
for concern; the implication is that we do not. I also hope I can assume
that if users of Outlook Express (that do not use Outlook) can be affected
then there will be additional news stories about that threat.
----- Original Message -----
From: "Andy Stevko" <andy.stevko at usa.net>
To: <dshield at dshield.org>
Sent: Tuesday, August 21, 2001 11:45 AM
Subject: [Dshield] New worm developed that spreads using Acrobat files
> Is this real or hype??
> from http://www.computerworld.com/storyba/0,4125,NAV47_STO62902,00.html
> The worm appeared on Tuesday morning and has been analyzed by Bernardo
> Quinteros, head of the Madrid-based security firm HispaSec Sistemas and
> Richard M. Smith, chief technical officer of the Denver-based Privacy
> "Even considering that it is a just-created laboratory virus, this is like
> seed of an upcoming deluge of [viruses] of the same kind in PDF files, a
> format considered safe up to now," said Quinteros
> In order to spread itself, the virus uses Adobe Acrobat and functions of
> Microsoft Corp.'s Outlook that have never been used before. According to
> researchers, the worm uses Outlook to send itself hidden in a PDF file.
> opened using Acrobat, the file will launch a game that prompts the user to
> click on the image of a peach. After the user clicks on the image, a
> Basic script is run and the virus gets activated, they said.
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
More information about the list