Back to website


New variants of the Bagle virus are transmitted through an e-mail message without an attachment. The variants are known as Bagle-P, Bagle-Q,, Bagle-R, Bagle-S and Bagle-T.
Bagle-R avoids sending itself to addresses that include the following words: @hotmail, @msn, @microsoft, rating@, f-secur, anyone@, bugs@, contract@, feste, gold-certs@, help@, info@, nobody@, noone@, kasp, admin, icrosoft, support, ntivi, unix, linux, listserv, certific, sopho, @foo, @iana, free-av, @messagelab, winzip, google, winrar, samples, abuse, panda, cafee, spam, @avp., noreply, local, root@, postmaster@

Here are some of the randomly-chosen subject lines the virus selects when mailing itself to other computers:

The patch against the Microsoft Outlook security vulnerability can be found at Home users of Microsoft Windows can visit to have their systems scanned for Microsoft security vulnerabilities.

Sophos recommends the following precautions against the W32/Bagle-Q and W32/Bagle-R worms: