New e-mail viruses and flaw in Unix e-mail program

Afeto hype?; Yet another e-mail worm; Macintosh Office 2001 raises concerns; Update fixes remote buffer overflow in Pine

This is something of a watershed week - no new or updated security bulletins from Microsoft! Aside from that, we cover a couple of new e-mail viruses and a buffer overflow flaw in the venerable (and popular) Unix e-mail program, Pine. Finally, some news about Microsoft Office 2001 document forma woes. Note that although Office 2001 is specifically for the Macintosh, the issue described below affects anyone who may obtain files from an Office 2001 user.

Virus News

Afeto hype?

One major antivirus developer raised alerts yesterday about an e-mail worm that spreads itself as a Word document attached to e-mail, much as Melissa did. Known as W97M/Afeto, this worm sends itself to the people who have sent its victims e-mail.

There seem to be very few reports of this worm yet, and although you should always be wary of Word document format attachments in e-mail, so long as users maintain normal macro virus precautions, such as enabling the macro warning option in Word 97 and 98, or setting macro security to high in Word 2000 and Word 2001, it should not trouble you.

Facing the Music

Another e-mail worm that has become increasingly common the last couple of weeks is Win95/Music. There are several variants of this virus, which arrives as an e-mail attachment. When run, the virus first

attempts to download an updated version of itself from a web site, then it sends copies of itself (or the update) to e-mail addresses it harvests via the Windows Address Book, Microsoft Internet Account

Manager and other sources.

Usual precautions such as filtering or otherwise blocking executable e-mail attachments should prevent Music causing any trouble.

Macintosh Office 2001 raises concerns

Microsoft Office 2001 for the Macintosh was released a couple of weeks ago. Due to subtle changes in internal format details, many virus scanners will fail to detect common macro viruses that can infect Office application document files. For example, as with Word 98 for the Macintosh and Word 2000 for Windows, Word 2001 runs many VBA macro viruses that worked on Word 97 (and/or on some of the other Word versions between that and Word 2001). Although these virus may not work under Word 2001, if files infected with them are opened in that version and subsequently saved, the virus will remain viable if the file is taken back to a copy of one of those earlier Word versions.

Antivirus developers are working on resolving these issues so future updates of their products will reliably detect viruses stored in Office 2001 files in this way.

Security News

Update fixes remote buffer overflow in Pine

Updates are available for the Pine e-mail client, popular on Unix and Linux systems. A buffer overflow in code parsing the contents of a message header allows arbitrary code to run during new-mail checking of open mail folders. Although this vulnerability is not known to be actively exploited at the moment, it has been discussed in open mailing lists, so should be considered a possibility.

Various Linux vendors have shipped updated Pine packages, so check with your vendor(s) as appropriate. Pine users on other platforms should check with their vendors or check for Pine v4.30 updates (source and/or binaries) from the Pine Information Center at the URL below.

- Pine Information Center

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments