Bugtraq: Re: Melissa Macro Virus

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Melissa Macro Virus

From: nick () virusbtn com (Nick FitzGerald)
Date: Mon, 29 Mar 1999 17:39:38 +0000


Matthew Kirkwood <weejock () FERRET LMH OX AC UK> wrote:

    Check HKCU\Software\Microsoft\Office\Melissa? for the string "... by
Kwyjibo"


Surely just adding this key would provide effective safety?  (Until


Define "safety".

All that key is used for is deciding whether to run the Email
payload or not.  If you consider it safe to run the infective part of
the virus, have it run all round your Word users and then have them
distribute it via "normal" document sharing patterns to people who
may not have taken adequate precautions, then yes, it is "safe".

modified versions hit the streets, anyway - ain't "open source" great
:)


It is in some circumstances **if** you understand it...


Regards,

Nick FitzGerald,
Virus Bulletin.

By Date By Thread

Current thread:

Melissa Macro Virus Aleph One (Mar 26)
- <Possible follow-ups>
- Re: Melissa Macro Virus Nate Lawson (Mar 26)
  - Re: Melissa Macro Virus Matthew Kirkwood (Mar 27)
    - Re: Melissa Macro Virus Nick FitzGerald (Mar 29)
- Re: Melissa Macro Virus Kuo, Jimmy (Mar 26)
- Re: Melissa Macro Virus Jim Reavis (Mar 26)
  - Re: Melissa Macro Virus Doug Granzow (Mar 29)
- Re: Melissa Macro Virus Brett Glass (Mar 28)
  - Bug in xfs Lukasz Trabinski (Mar 29)