Computer security experts are warning of a dangerous new eMail virus, one able to destroy information even when users don’t fully open their messages.

“Bubbleboy,” apparently nicknamed after an episode of the TV show “Seinfeld,” is the first known eMail virus that doesn’t even need to be fully opened to be activated. Just highlighting the eMail’s subject line in Microsoft Outlook Express activates its hidden code.

It also takes every address in a computer’s eMail program and passes the virus along.

Researchers at Network Associates, a Santa Clara, Calif., computer security company, said the Bubbleboy virus could become the framework for the easy delivery of a host of malicious programs.

“This ushers in the next evolution in viruses. It breaks one of the long-standing rules that you have to open an eMail attachment to become infected,” spokesman Sal Viveros said. “That’s all changed now.”

Bubbleboy was eMailed Nov. 8 to Network Associates, and the company put a free software patch capable of blocking the attack on its web site the next day.

The company isn’t certain who sent the virus, but researchers believed the threat is so serious that they notified the FBI, said Vincent Gullotto, director of the company’s virus detection team.

“It could basically disable your PC easily,” Gullotto said. “This could be a watershed.”

The virus sent to Network Associates was more playful than destructive as it worked its way through a computer’s hard drive, renaming the computer’s registered owner as “Bubbleboy” and making other Seinfeld references.

Such a display can be a warning salvo. Gullotto said more destructive versions of the virus could soon follow.

“This could be the catalyst,” Gullotto said. “While the Melissa virus was ‘hell coming to dinner,’ we have reassessed that and know that something bigger, meaner, and nastier is on its way.”

The Melissa computer virus clogged eMail systems around the world when it hit in March, but many computer users were able to avoid trouble by deleting eMails without reading them. Like previous eMail viruses, Melissa wreaked havoc only after users double-clicked an attachment to the seemingly benign messages.

Bubbleboy requires only that the eMail be previewed on the Inbox screen of Microsoft’s Outlook Express, a popular eMail program. As soon as the eMail is highlighted, without so much as a click of a mouse, it infects the computer.

The virus appears as a black screen with the words “The Bubbleboy incident, pictures and sounds” in white letters.

It affects computers with Windows 98, Windows 2000, and some versions of Windows 95 that also use Microsoft’s Internet Explorer 5.0 and Outlook Express web browser and eMail programs, Gullotto said. It apparently does not affect Netscape’s eMail programs.

Even without Network Associates’ software patch, there is an easy fix. Enabling Microsoft’s highest security eMail filter will keep the virus from entering.

Microsoft spokesman Adam Sohn said anyone who downloaded the August upgrade to Internet Explorer 5.0 already is protected from Bubbleboy.

Free software patch
http://www.mcafee.com/viruses/bubbleboy

Microsoft Corp.
http://www.microsoft.com

Network Associates Inc. (NAI)
http://www.nai.com

NAI Virus Alert
http://vil.nai.com/vil/vbs10418.asp