Technically speaking a worm propagate without human intervention. As this alleged worm requires human interaction as in opening an 'infected' document, it isn't really a worm. It also requires the presence of Perl, XChat and write and executable access to be able to run. None of which occur on any self respecting Linux users computer. Finally OpenOffice always prompts before auto running a macro and with security set to very high only macros from trusted file locations can be run. We're getting a little tired with these bogus Linux/Mac virus stories from the AV vendors.

"They are attacking the vulnerability of people's brains", Graham Cluley

"as Microsoft does a better job with security, [malicious hackers] are going to look elsewhere"Graham Cluley

It's a proof that it is possible to write malware for linux machines that might possibly infect the incredibly stupid. In my opinion, this isn't even remotely interesting, we all know that no system is perfect.

OK, let's assume I ran a Linux box and I happened to be unexpectedly sent an unidentified porn pic in .odg format. What would I do? I'd log out as a user and log in as root to open it (with things to configured to allow Perl scripts to run unchecked from user files in my home directory). And, of course, I'd first make sure I'd installed the XChat IRC client and got it running. So I'd be fucked. And, frankly, I'd deserve to be. In fact, I'd deserve to be condemned to use Windows Vista for the rest of my life.

We're told this by whom? A senior techie at Sophos? And what does Sophos sell?

Call me a cynic ...

I Use OpenOffice on Solaris ...

I'm feeling a little left out ... Since it was Sun who released the source code and started the project in the first place, and since Solaris is their OS ...

I feel really let down now, i'll just have to install windows ...

Doug hit it right on the head. This does not even exploit a vulnerability, any macro-enabled system can be abused, but unless you've lowered your security level for macros, you have to tell OOo to let it run. I myself always put OOo's macro security to "high," to stop the other idiot users from doing something exactly like this.