Malte Timmermann's Blog

...at least until you kick it!

There are currently a lot of news about SB/BadBunny-A.

Same story again like with Stardust and Starbugs, with the only difference that this one has some replication code.

Sohpos has just confirmed to me that SB/BadBunny-A does not bypass StarOffice/OpenOffice.org security checks, and that the user is asked if he wants to enable macros for that document when loading it.

So nothing bad can happen to you as long as you don't allow the macros to run.

I really can only repeat it again (and again and again):
OpenOffice.org has a macro language with access to local resources.
Of course this macro language can be used for performing any kind of tasks, that's the intention of it!
Users shouldn't run macros from unknown sources, same like they shouldn't run any programs or other scripts from unknown sources.

Comments:

Thank you

Posted by Dwain Arbuthnot on May 24, 2007 at 04:31 PM CEST #

Hi, I found a new virus in 2 variants available in Windows and Linux. In Windows, the virus is named as "del" and in Linux is named as "rm". This virus is very powerfull! Best regards, Renato

Posted by Renato S. Yamane on May 26, 2007 at 09:45 PM CEST #

oh you! ;) I hope something real bad happens to the open source community, they're gonna need it to get down from their high horses.

Posted by nagazin on May 27, 2007 at 06:02 PM CEST #



Malte Timmermann's Blog Malte about some of his work at Sun Microsystems, Inc.