[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Trojan Horse on PCs



PureBytes Links

Trading Reference Links

In a message dated 1/12/99 11:54:02 AM Central Standard Time,
Peter2150@xxxxxxx writes:

<< This does serve as a good reminder of a couple of key points:
 
1.   The risk of being virus infected by reading E-Mail is nil. >>

No. It isn't quite nil. 
BTW Microsoft and Netscape both have free patches available.

Researchers at the University of Oulu in Finland and elsewhere discovered a
flaw in e-mail readers from Microsoft and Netscape that allows certain types
of e-mail messages to crash the e-mail client. Worse, theoretically, <<<< an
e-mail could contain a malicious program that executes automatically when the
e-mail is received.>>>> There have been no reported incidents of hackers
taking advantage of these flaws. Both Microsoft and Netscape have announced
patches that address this problem. 

The specific issue has to do with the length of MIME tags. MIME tags are used
to describe the non-text data such as images, sound clips, binary files, etc.
associated with an e-mail message. MIME tags beyond a certain length lead to
an error condition called "buffer overflow". In most cases a buffer overflow
will cause the e-mail client program to fail. By taking advantage of this
error condition, hackers could embed programs in e-mail that run automatically
and without user control.

Closing the loophole
The best solution is for users to download and apply fixes from Netscape and
Microsoft. However, relying on users to download and install the fixes
themselves may not be the best route to take.. 

Trend Micro’s InterScan works at the Internet gateway to identify and block e-
mail with excessively long MIME tags. InterScan will also block computer
viruses, Trojans, malicious applets and other unwanted traffic. With Trend’s
solution, network administrators won’t have to rely on end users to update
their e-mail software or to run anti-virus products.