Romeo & Juliet virus prompts software feud

The "Romeo & Juliet" virus is "particularly dangerous," according to GFI Fax & Voice, maker of the Mail Essentials server-based e-mail content-checking program.

But another pair of antivirus vendors, Symantec and McAfee, disagree. In fact, VirusScan manufacturer McAfee rates Romeo & Juliet's risk assessment as "low" in its virus information library rates.

Worming its way to your PC

Technically speaking, Romeo & Juliet is a worm, spreading from PC to PC via e-mail. But unlike the famous "I Love You" worm in May, Romeo & Juliet doesn't require you to open an attached file to infect your system and spread the virus. All you need do is open the e-mail message, making it potentially more dangerous.

The worm, which comes as an HTML-formatted message, contains a script that saves its two attached files, My Romeo.exe and My Juliet.chm, to your C:\Windows\Temp folder. It then executes the files, which send similar e-mail messages to everyone in your address book.

According to GFI, this constitutes "malicious code," because it takes independent action on your system. But Romeo & Juliet hasn't actually caused any harm. It doesn't reformat hard drives or wipe out data. All it's really done is reproduce itself.

And it doesn't even do that anymore. The worm routes its messages through one of six particular servers in Poland, and the people running those servers have by now taken steps to block it. In other words, this may be a virus that got stopped before it had a chance to spread.

Encouraging better-built tragedies?

The real danger of Romeo & Juliet may lie in the ease in which the code can be altered to create a more dangerous version. A variation of the worm might be designed to spread more freely and do real damage.

"It will take a semiskilled hacker about 1 hour to make a version that uses different relay sites," according to a GFI spokesperson. It can take only "a few minutes [to] alter the payload."

What's the best way to protect yourself from future HTML e-mail worms? GFI suggests you block them "at server level, using a content-checking e-mail gateway like Mail Essentials." According McAfee and Symantec, which markets Norton AntiVirus, a combination of antivirus software and a firewall should do the trick.

In other words, GFI says that Romeo & Juliet is very dangerous, so you should buy their software. Symantec and McAfee, on the other hand, say it's nothing to worry about. But just in case, buy their software.

Perhaps the virus should have been named Hamlet, who did mention "a certain convocation of politic worms."

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lincoln Spector

PC World
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?