New Bagel.U a virus of few words - Computerworld

If your computer suddenly invites you to play a game of cards... you've got the Bagel.U virus!

"MARCH 26, 2004 (IDG NEWS SERVICE) - Antivirus software companies are again warning e-mail users about a new version of the widespread Bagel virus, which is spreading on the Internet through infected e-mail messages and targeting machines running the Windows operating system.

Bagle.U is the 21st version of an e-mail worm that first appeared in January. Unlike earlier versions of the worm, the new variant eschews tricky subject lines or enticing messages, hiding in a file attachment to otherwise blank e-mail messages. Once the attachment is opened, Bagle.U opens a back door to infected systems, mails copies of itself to e-mail addresses it steals from the user's computer and even launches the Windows Hearts card game, antivirus companies said.

Thousands of copies of the new Bagle variant were first spotted today, following what is believed to be an initial e-mail 'seeding' of the virus, according to iDefense Inc., an IT security services company in Reston, Va. "

If your e-mail program has a preview window that automatically displays the contents of e-mails, turn it off until you have your anti-virus updated to thwart this latest version of Bagel!

InfoWorld: Yahoo patches e-mail hole: March 24, 2004: By : SECURITY

InfoWorld: Yahoo patches e-mail hole: March 24, 2004: By : SECURITY: Login and password information could have been exposed, experts say

By Paul Roberts, IDG News ServiceMarch 24, 2004

Yahoo Inc. has patched a hole in its Web e-mail service that could have allowed malicious hackers to run malicious computer scripts on computers that use Microsoft Corp.'s Internet Explorer Web browser to check Web e-mail accounts.

The company applied a fix for the vulnerability on Tuesday, shortly after Israeli security company GreyMagic Software published an advisory warning about the problem, which also affected Microsoft's Hotmail e-mail service.

Hotmail, Yahoo Users at Risk of PC Takeover

Be careful what you're opening if you use a web-based e-mail service, especially Yahoo! Mail. It sounds as though Microsoft has already fixed HorMial, but no word on Yahoo!, AOL, Mailblocks, or other popular web-based mail services.

Hotmail, Yahoo Users at Risk of PC Takeover
By Ryan Naraine

A potentially serious security flaw found in Web-based e-mail services offered by Microsoft (Quote, Chart) and Yahoo (Quote, Chart) could put millions of PCs at risk of takeover, an Internet security research firm warned Tuesday.

Israel-based security consultants GreyMagic issued the advisory with a chilling warning that attackers could inject malicious code by simply sending an e-mail to an unsuspecting Hotmail or Yahoo user.

The vulnerability only affects Hotmail and Yahoo running on Microsoft's Internet Explorer (IE) browser.

'When the victim attempts to read this email, the code executes and may result in severe consequences,' the company said. Successful exploit could lead to theft of a user's login and password, disclosure of the content of any e-mail in the mailbox and disclosure of all contacts within the address book.

Additionally, GreyMagic said the attacker could manipulate the system to automatically send e-mails from the mailbox and to exploit vulnerabilities in IE to access the user's file system and eventually take over his or her machine.

The company said Microsoft reacted to its warning with a fix for the flaw. However, GreyMagic said all attempts to contact Yahoo's security department failed, meaning that Yahoo's users are still vulnerable. Efforts by internetnews.com to contact Yahoo at press time were unsuccessful.

GreyMagic said that many other Web-based e-mail services may be vulnerable to the flaw, since it is a completely new way to embed script. "

Internet Week > Security > New Bagle Worm Infects Windows Without File Attachments > March 19, 2004

Internet Week > Security > New Bagle Worm Infects Windows Without File Attachments > March 19, 2004: "A new round of Bagle worms blitzed the Internet Thursday, and takes advantage of a five-month-old vulnerability in Internet Explorer that let them infect computers without having to convince users to open a file attachment.

Bagle.q -- which was quickly followed by three variants, dubbed Bagle.r, Bagle.s, and Bagle.t -- follows in the footsteps of earlier editions of the persistent, pernicious worm by arriving as e-mail, opening a backdoor to the system so it can be re-infected or loaded with other malicious code, and attaching itself to executable files found on the hard drive to make it even more difficult to dislodge.
The big difference in this newest Bagle wave, said security experts, is that it can infect unpatched PCs without the usual file attachment.

If the message arrives on a machine that's not been patched against the Internet Explorer Object Data Remote Execution vulnerability -- disclosed in early October, 2003 -- Outlook and Outlook Express users who simply open or view the e-mail are automatically infected."