Smarter users have taken the bite out of Bagle

MessageLabs said on Tuesday that although it has intercepted more than 2.5 million copies of the most recent Bagle variant, the damage could have been far more severe had the same worm been released two years ago
Written by Munir Kotadia, Contributor

David Banes, technical director of email security firm MessageLabs in the Asia Pacific region, said that the latest Bagle variant could have caused chaos, had it been released before users started patching regularly and software companies improved their product security.

"Now that all the different business regions have started applying their updates the numbers should start dropping off. The message [to patch and update your software] is getting through to a certain degree and the latest Windows XP service pack does a fairly good job of raising awareness that users need to patch," said Banes.

Ben English, security team leader at Microsoft Australia, said that because Bagle relies on human interaction and does not exploit a software vulnerability it was never going to be as big as Blaster or Sasser.

However, he said, other factors reducing the effect of the worm are the increasing number of people using Auto Update and the cutting down of vulnerabilities in the operating system.

"There are less vulnerabilities in Microsoft’s software and people are far more rigorous in the way they patch their systems," said English.

According to English, there has been a "dramatic increase" in the number of people that use Auto Update – especially because Windows XP Service Pack 2 activates the Windows firewall and Auto Update by default.

"User education levels are increasing and that will limit the impact of this worm. Also, we are seeing a dramatic increase in the number of people that have Auto Update turned on. The consequences of not activating it are fairly significant," said English.

Munir Kotadia reported from Sydney for ZDNet Australia. For more ZDNet Australia stories, click here.
Editorial standards