digg

Facebook Connect Join Digg About

Stardust Virus Lands On OpenOffice

news.com.com Researchers at Kaspersky Lab have spotted what they believe is the first virus for OpenOffice, the open-source rival to Microsoft's Office productivity suite.

Who dugg this? Made popular Jun 1, 2006

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

45 Comments

show profanity settings
expand all
  • Tyrekicker, on 10/12/2007, -6/+21So... like... proof-of-concept.
  • adml_shake, on 10/12/2007, -5/+15and as your spanking off to it, its turned on your webcam and starts taking pics to upload on the net....with out you ever knowing...
  • Egoist, on 10/12/2007, -3/+13Awesome! Usually I have to pay more for that service.
  • t3hX, on 10/12/2007, -1/+10You might want to also note that OpenOffice says "Are you sure you want to run this macro" etc etc... when the document is opened.
  • Egoist, on 10/12/2007, -1/+7Proof of concepts are usually necessary to get a company to fix their security holes.
  • muffinmanpoo, on 10/12/2007, -11/+17From the article: "The virus has not been sent out in the wild and is not actually attacking people's systems."

    So... like... nothing.
  • elkos, on 10/12/2007, -3/+8it affects both OO for WinXP and Linux???????
  • Odweaver, on 10/12/2007, -1/+5jrbrewin,

    Not really, proof of concept viruses are a good thing, since it shows the hole and how it can be exploited, also they are generally sent to coders so they can see the problem in action and fix it, as opposed to the viruses microsoft gets that are meant to be harmful and destructive.
  • lnxaddct, on 10/12/2007, -2/+6Odweaver,
    There is nothing to fix here. It is a scripting language, it can compute anything in the whole world (turing complete) and some moron decided to make it do something not useful. You'd have to run it while allowing macros to execute. This *isn't* a security problem. It'd be like saying Python is a security vulnerability because it can be used to write a virus.
  • VirgoanVenom, on 10/12/2007, -3/+7"It downloads an image file with adult content from the Internet and opens that file in a new document, according to Kaspersky's posting."

    How is that a BAD thing, unless of course if it's some sort of UNDESIRABLE porn? They could even incorporate that as a new feature. What would really be nice is if you can access your "Porn Preferences" through the Options menu, so that you can get a nice daily helping of your favorite genre of porn. "Open Office, now with porn!" Catchy slogan. I'd say that'll give em an advantage over ol' Microsoft.
  • rprouse, on 10/12/2007, -1/+5This is kind of lame. First of all, it is not a virus and it is not in the wild. By definition, a virus replicates itself and there is no mention of that in the article. It would have to mail itself out to people, or insert itself into your other documents. If anything, it is a trojan, but even that is a bit of a stretch. OO informs you that there is a macro in the document and asks you if you want to run it. Kind-of like sending the Trojan Horse into Troy with a note attached saying there are a bunch of soldiers inside, you wouldn't mind letting them in the gate would you?

    Lastly, all it does is open an Internet document. It mentions nothing of any serious system level access that could compromise your system. IMHO, some guy writing a macro to download porn doesn't make it a virus or even a trojan. By that definition, any macro could be defined as such.
  • somerandomnerd, on 10/12/2007, -4/+8The article doesn't mention anything about replication- just that it downloads a picture from the internet.

    Simple preventative measure- don't run macros you didn't write yourself.
  • jrbrewin, on 10/12/2007, -5/+8but when microsoft asks you, it's bad security!
  • carpespasm, on 10/12/2007, -2/+4it is an obese code base
  • mrfloppy, on 10/12/2007, -3/+5it is a proof of concept written by/for a anti virus company to get them press. show me one in the wild
  • TubaTechno, on 10/12/2007, -0/+2MS Office has been around since before 1990.....thats more than 15 years ago...
  • shakin, on 10/12/2007, -3/+5It's not even much of a proof-of-concept. Sure, you can write a macro to insert an image from the Net into the current document, but this doesn't demonstrate that the 'virus' can replicate or cause harm such as executing a downloaded file.
  • samdu, on 10/12/2007, -1/+3It's not system critical nor can it damage a system. If you run strange code for ANY application it could do something similar. Nothing to see here.
  • dukeinlondon, on 10/12/2007, -1/+3What's surprising is that it's only the first one.
  • pabster, on 10/12/2007, -0/+1That's already a product on the market :=)
  • inactive, on 10/12/2007, -5/+6And now that it can be done, you think it's not going to be in the wild?
  • jrbrewin, on 10/12/2007, -3/+4if it meant both of them were for sale it would say "which are" instead of "which is". Simple gramma my dear boy.
  • inactive, on 10/12/2007, -3/+4You guys may be quick to dismiss this, but if it can be done, it will be done. One of the selling points for OO was that it could not launch a virus like MSOffice. Now that it's proven that it can happen, dontbe so arrogant to think that some guy isnt already planning to release one.
  • figvam, on 10/12/2007, -0/+1Lame. Looks like antivirus firms are eagerly looking for the new grounds for their operations. What's next? Antiviruses for mobile phones?
  • lnxaddct, on 10/12/2007, -1/+2It is funny there are people who claim the OOo is a rip off of MS Office, like MS Office isn't a rip of Corel. What is worse is that the base sourcecode for OOo/StarOffice goes back 15 years, so I don't see where people get off trying to say OOo is copying MS Office. Microsoft fanboys are so blind it is a wonder they know how to turn on a computer.
  • TubaTechno, on 10/12/2007, -1/+2jrbrewin is getting modded down, but he makes a good point. Microsoft always ask you these things...
  • TubaTechno, on 10/12/2007, -2/+3Microsoft isn't the only office productivity suite in the market....its just one of the betters ones that the rest of them try to copy.
  • databyss, on 10/12/2007, -2/+2PornOpenOffice!

    POO will be the next big thing!

    Can we start our own branch of the codebase to make POO?

    I'd definately start my own POO.

    POO will be the next big thing... in a couple minutes... damn you White Castle!

  • pabster, on 10/12/2007, -3/+3Lame.

    Should be 'Macro Virus Can Infect OpenOffice'

    No big ***** news.
  • Orbatos, on 10/12/2007, -2/+2True, but you should agree that it's only a matter of time. Unless, of course the hole is patched befor that can even happen, illustrating the organic capability of OSS projects and rendering the point moot.

    Also, as has been pointed out below, the exploit doesn't exactly allow for much in the way of "malicious" action (yet of course).
  • inactive, on 10/12/2007, -1/+1StarOffice is sold, not openoffice.
  • darkfoxx, on 10/12/2007, -1/+1and a few million more users... its only natural you get more viruses with the more people that use it.
  • TubaTechno, on 10/12/2007, -6/+5"Mircosoft Sucks!! (but i'll still use software that looks almost exactly like it!) - Very hypocritical indeed.
  • trogdoor, on 10/12/2007, -7/+6Considering that people are more willing to open strange files with OO than Microsoft Office the 1% of the users are probably going to be more security concious / have more important information to be lost / are running as servers and would be a great addition to any botnet.
  • MrViklund, on 10/12/2007, -3/+2WoW...
    The first virus? And Microsoft world got 20000 of it's own?
  • Magadass, on 10/12/2007, -5/+3Who cares, the userbase is like what 3%? Virus writers want recognition so why the hell would they write a virus for something with no market share nearly?
  • rushfan, on 10/12/2007, -10/+7Pst... OpenOffice might have a possiblity of viral infections but Microsoft has a miriad of them. I'm not switching from it any time soon.
  • jrbrewin, on 10/12/2007, -9/+5you must be one of those people that wildly clicks on any attachment you receive, or find in your kazaa share folder, and then whines that a file from someone they've never heard of, promising to send them viagra, free porn, a degree, or septic tank solutions has actually infected them with a virus. simply because you're stupid.

    i can honestly say in the 10+ years i've used office i've never had a single virus infection, whether using office as a attack vector, or otherwise - yet i don't feel the need to burry my head in the sand and use inferior software - which ultimately is copied bit by bit from microsoft anyway. The worst kind of hypocriticism.
  • Flipsen, on 10/12/2007, -7/+3"The virus, dubbed Stardust, is capable of infecting OpenOffice and StarOffice, which is sold by Sun Microsystems"

    Since when is openoffice 'sold'? I thought one could download it for free?
  • rebrad, on 10/12/2007, -7/+3Looks like they made too good of a copy of Office, weaknesses and all.
  • TubaTechno, on 10/12/2007, -6/+1What?!! OO copied MS Office?!
  • Ghanda, on 10/12/2007, -6/+0well microsoft sucks but im forced to use it because thats really anything thats on the market
  • EvilTesdall, on 10/12/2007, -10/+1doh!
  • jrbrewin, on 10/12/2007, -15/+4and your basing those assumptions on what, exactly?

    people with oo, are exactly the kind of people that run osx instead of windows, or firefox instead of ie, because they think that they're immune from any threat because it's not microsoft. Yet as we continue to see, it's not just microsoft products that a affected by malware.

    still, it's nice to see OO blatantly copies not only the look/feel, functionality of microsoft office, but also it's lack of security too. Hurrah.
  • bubba9999, on 10/12/2007, -12/+1
    How bored do you have to be to write a poc for an app that probably has a 1% marketshare? Unless you have some sort of an axe to grind...

    Should we expect an ODF virus some time soon?

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.