A large company would not want somebody entering their premises with an infected phone because they could easily infect the entire company’s phones.

Not one of these is able to spread by itself, always the user of the phone has to accept installing of the virus.

It’s the first time I’ve heard of any activity coming from there.

This is enough to invoke the exploit and infect the machine.

The vulnerability probably affects more computers than any other security vulnerability, ever.

But at least you know someone on your premises has an infected phone.

The most significant change has been the evolution of virus writing hobbyists into criminally operated gangs bent on financial gain.

Mozilla’s popularity has gone from almost zero to double digits, so they have had to deal with a lot of sudden attention. Since Mozilla has become popular, people have been looking for more vulnerabilities.

Otherwise, it’s totally new code. But there’s a common idea,

It’s more likely he’ll lay low than engage in activation.

(The) vast majority of the machines infected…are home computers. Nothing will happen on them until people get home from work and boot up their machines. We’d like to think that they whole problem was avoided...

We are seeing less of the big virus outbreaks such as Sasser and Blaster, and so some people believe the situation is getting better, when in fact it is getting worse. The bad boys are...

Right now, the situation is bad, but it could be much worse. The potential for problems is bigger than we have ever seen. We estimate 99 percent of computers worldwide are vulnerable to this attack.

If you run a Mac right now, you don’t need antivirus. If you want to be safer, you should be using software that other people are not using.

It’s surprisingly bad. In sheer amount of e-mails, it’s larger than any outbreak of the year.

He’s been playing a game of cat and mouse [with the authorities] for over two years. I really do hope they’ll be able to track him down.

We’ve been monitoring the locations of the files that infected machines are now trying to download. So far none of them have activated.

This is the way virus writers can upgrade the infected machines. It’s like [Microsoft’s] Windows update for viruses.

We have seen dozens of different attacks using this vulnerability since Dec. 27. One exploits image files and tries to get users to click on them; another is an MSN Messenger worm that will send...

It’s trivial for anybody to understand how it works, … To modify the virus is relatively easy, and to change what the e-mail says is trivial.

It took 15 years for the first moneymaking viruses to emerge for the PC. On the mobile side, I’m sure it will happen. It just hasn’t happened yet.

We have listed URLs that we are recommending systems administrators block. We don’t recommend blocking the whole domain, as 99 percent of the pages on these free Austrian and German domains are OK. You should...

The target is fooled into logging into a fake bank, where they ask for his authorization code. The fake bank logs into the real bank with the one-time password and moves money around. Then it...

We learned of the scanning bug in early December, but because it affected a wide range of our products, we wanted to release a fix for all (of the affected versions) at once.

The situation on the Internet right now is so bad that if you go and buy a brand new computer and turn it on and plug it into the Internet, it will be infected by...

I’m glad the guy was stupid enough to get caught. If you have to write viruses, something like the type of message is not bad.

There might be no attack at all. As everybody knows about the attack, the virus writer may lay low and attack at a later date. The ISPs involved can actively block malicious postings. It’s more...

It all comes down to whether the code ends up being shared or not. We have not seen it out on the Internet yet.

Everybody would like to see the patch as soon as possible, but I can’t blame Microsoft for wanting to test it thoroughly. However, if a widespread worm is found before next Tuesday, I do believe...

You will not even have enough time to go online and download all the patches to your computer before it is infected.

Everybody was hoping they would get the patch out before a major attack would start. Now it looks like they are succeeding in doing just that. Well done.

The worm can spread quite well once it finds its way beyond corporate firewalls.

We seem to have a botwar on our hands. There appears to be three different virus-writing gangs turning out new worms at an alarming rate ‘­ as if they would be competing who would build...

Everything would look fairly convincing if they did some surfing to check out the site before clicking on the link. But they would still get burned.

There is no need to have your computer online 24 hours (a day) as a target of an attack when you are sleeping or away from your computer.

There was no market because there were no Mac viruses.

These will only get reported when people get home from work, and it will take awhile before they figure out who to call.

The latest variants of Bozori even remove competing viruses like Zotob from the infected machines.

It’s still climbing. It’s not the worst we’ve seen, but the infection is sizable.

breaks the operating system spectacularly.

Companies should make sure that their patch procedures extend to all applications, including security and backup programs.

If systems administrators block these URLs at their gateways, it’s not going to break anything.

It’s definitely going down all the time.

At the moment we are not aware of any attacks that would have used this vulnerability.

It’s surprisingly bad,

There appears to be three different virus writing gangs turning out new worms at an alarming rate — as if they would be competing who would build the biggest network of infected machines.

Although the WMF bug is there (in the older versions), there’s no known code at the moment to exploit it.

As the virus is not new it’s 2 years old this could only have happened if those testing computers were not running any anti-virus programs,

It’s really quite clever, … It uses realistic file names and sends those to people you know. It’s social engineering, just like we saw with Love Letter.

This was not a bug; this was something that was needed at the time. It is just bad design, design from another era.