New Bagle uses Outlook flaw to spread



A new Bagle virus spreads when a user simply opens an infected e-mail or views it in the preview screen of an unpatched version of Microsoft Outlook.

Users of BullGuard are protected against this new variant, provided they have the latest updates.

Users no longer have to click on an attachment to spread the Bagle virus because the latest variants are exploiting an old flaw in Microsoft Outlook that allows the worm to spread even more quickly.

Until the appearance of Bagle variants Q, R and S, users had to click on an e-mailed attachment to be infected by the worm. The latest Bagle incarnation has done away with the attachment altogether and because of this change in tactics, experts fear the worm could spread very quickly.

"This is a new twist to the known Bagle. The virus avoids having an attachment, which otherwise tends to ring a security-bell in most users minds. Instead it uses a wide-spread vulnerability to simply download itself directly from already infected computers, as soon as you open the e-mail," said Theis Sondergaard, CTO at BullGuard.