[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Security Report excerpt - What can be done?



PureBytes Links

Trading Reference Links

I think we have gotten to the point where the attachments are getting so 
sophisticated, if you are unlucky enough to get the wrong one attached to 
an email, just the act of scrolling to the email in your in folder can 
execute some of these nasties, if I understand what the latest Microsoft 
warning and patch was all about. It seems like 99 percent of the effort put 
into these virii goes to MS products, so that in itself may be a good 
reason not to use Outlook, etc, for receiving files.

Just my thoughts.

Tim Morge


At 08:57 AM 4/3/01 -0700, William Wood wrote:
>Well, my answer is I have used MS Outlook (full not express) since it came
>out years ago.  I use it because it is easy to use, works perfectly and
>comes free with other stuff I already have.  I have received many thousands
>of email messages over the years and I have never had any type of problem
>whatsoever.  I dont open attachments from people I dont know except from
>email lists like this one.  I download the free security updates available
>from the Windows Update site.  Given my trouble free experience I would
>question why you would use anything else.
>
>Regards
>
>Bill Wood
>
>-----Original Message-----
>From: Mark Jurik [mailto:mark@xxxxxxxxxxxx]
>Sent: Monday, April 02, 2001 8:58 PM
>To: 'omega-list@xxxxxxxxxx'
>Subject: RE: Security Report excerpt - What can be done?
>
>
>What is the advantage of using Outlook or Outlook
>Express over using the core application "Windows
>Messaging?"  WM does not have exotic features, but
>at the same time, that makes it very robust against
>all sorts of spoofs and attacks.
>
>I've been using WM for years and the only complaint I
>have is that it leaves garbage in the mail that makes
>others think there is an attachment.  But I presume
>Outlook does the same.
>
>I also use Pegasus Mail at times, which is very clean
>and has fewer vulnerabilities.
>
>So why use a mail reader like Outlook with as many
>security holes as Swiss Cheese?
>
>- mark
>
>
>
>
>
>----------
>From:   Chris Baker
>Sent:   Sunday, April 01, 2001 7:35 AM
>To:     omega-list@xxxxxxxxxx
>Subject:        RE: Security Report excerpt - What can be done?
>
>Here's my suggestions to help prevent these types of problems:
>
>1. Outlook has an optional patch that, when applied, will
>automatically block an .exe, .vbs or other attachment that might
>contain a virus.   For example if someone sends me an e-mail with an
>attached .vbs file and I open the e-mail, Outlook will display
>"Attachment xxx.vbs Blocked".   There is no I you can access the
>attachment anywhere on my system.   The types of attachments that are
>blocked can be modified in the Registry.   (The patch isn't available
>for Outlook Express.)
>
>2. You can use your firewall to block html for your e-mail reader
>program.   Text and attachments in HTML e-mail's appear fine, but
>LINKS that automatically execute are blocked.   I've had html blocked
>for Outlook for some time.  The only problem is links to pictures
>embedded in such e-mails as news stories don't appear.   Blocking html
>has the added advantage of removing links from HTML e-mail with those
>distracting advertisements that appear at the bottom of some e-mails -
>I only see the text.
>
>3. You can set what "Security Zone" Outlook or Outlook Express uses
>for e-mail.   I've found even when I block html, Active-X programs can
>still be included in HTML e-mails.  My security settings prevent those
>from executing automatically.
>
> > -----Original Message-----
> > From: DH [mailto:catapult@xxxxxxxxxxxxxxxxxx]
> > Sent: Saturday, March 31, 2001 8:23 PM
> > To: Omega List
> > Subject: Re: Security Report excerpt - TAKE THIS SERIOUSLY
> >
> >
> >