Subj : Bugbear.A virus notes
To   : Mike Luther
From : David Noon
Date : Wed Oct 02 2002 08:20 pm

Hi Mike,

Replying to a message of Mike Luther to All:

 ML> Per what I have read, it is a reportedly well written Visual C
 ML> creation which uses NETBIOS over TCP/IP in a cascaded Port 137 and
 ML> Port 139 TCP romp to infect boxes connected to an IP.

The report I read about Bugbear was on the BBC's Web site:

 http://news.bbc.co.uk/1/hi/technology/2290153.stm

According to that report, the virus requires M$ Lookout (or a user who is as 
brain-dead as Lookout) to be activated, as it is transported as a mail 
attachment. The mail message is the Trojan, I suppose. The size of the 
executable attachment is always 50,688 bytes. [A "virus" the size of an 
elephant!]

Unless you are running Lookout, there should be no real threat to an OS/2 box. 
[Assuming the BBC is correct.]

Regards

Dave
<Team PL/I>

--- FleetStreet 1.25.1
 * Origin: My other computer is an IBM S/390 (2:257/609.5)

.