CentOS - May 2007 - Fwd: [ooo-announce] Press reports regarding "SB/BadBunny-A" virus

If you use OpenOffice, please read on.

---------- Forwarded message ----------
From: John McCreesh <jpmcc at openoffice.org>
Date: May 23, 2007 10:11 AM
Subject: [ooo-announce] Press reports regarding "SB/BadBunny-A" virus

There has been press comment recently about the "SB/BadBunny-A" virus
affecting OpenOffice.org reported by an anti-virus company.[1]

Industry best practice would have been for the anti-virus company to
report the virus to the OpenOffice.org security team before making this
information public. Unfortunately this did not happen in this case.
OpenOffice.org will issue a detailed analysis once a copy of the virus has
been received. However, due to the volume of interest in the media, the
Community would like to issue the following comments, based on the
information available.

Macros are a useful part of any office suite, allowing users to automate
repetitive tasks. These tasks include potentially destructive actions such
as modifying and deleting files, which is why macros are of interest to
virus writers.

It is possible in any capable macro language, including those in
OpenOffice.org, to write simple 'virus-like' programs. Currently,
OpenOffice.org follows industry best practice to mitigate the risk. If the
software detects macros in a document being opened, by default it displays
a warning and will only run the macro if the user specifically agrees. In
any macro-capable tool, it is essential to verify the origin and
authenticity of the document before executing macros. To this end,
OpenOffice.org has also included advanced digital signature capabilities.

The OpenOffice.org engineers take the security of the software very
seriously, and will react promptly to any new issues. To do this, they
require access to the source code for the alleged virus. From information
currently available, it is unlikely that this new virus contains any novel
features which would require a software patch. Technically, it is not even
a virus, as it is not "self-replicating" - with OpenOffice.org's
default
settings, it cannot spread without user intervention.

However, the OpenOffice.org community repeats the consistent message from
security experts that users should never accept files from unknown
sources. For any security issue, please visit OpenOffice.org's Security
Team page [2] and send a note to security-team at openoffice.org.

[1] http://www.sophos.com/security/analyses/sbbadbunnya.html
[2] http://www.openoffice.org/security/

---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe at openoffice.org
For additional commands, e-mail: announce-help at openoffice.org

End of forwarded e-mail