|Virus Fact Sheet
|Who is affected?||PCs running Windows 98 with Internet Explorer 5 and Outlook or Outlook
Express mail clients. PCs using Outlook are infected upon opening the email message. Outlook Express users can be infected by viewing
the message with "Preview Pane"
|What does it do?||VBS/Bubbleboy is the first known worm that is able to infect without opening an
attachment. The worm will execute as soon the user opens the message in Outlook.
|How is it spread?||The worm uses ActiveX features to open Outlook and use it to send itself to all
recipients in the user's address books(like the Melissa virus). THe worm code is contained in the body of the message but if active scripting is turned off, it will not work.
|What to look for:||An e-mail that contains this text:
From: (name of infected user)
Subject: BubbleBoy is back!
Body: The BubbleBoy incident, pictures and sounds
|Status:||Supposedly not in the wild and not very dangerous. But it is significant because it has not
previously been possible to contract a virus by just opening and reading an email message. This could mean some very dangerous variations of this worm in the future.