[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[RT] RE: Re: Question about viruses



PureBytes Links

Trading Reference Links

<x-html><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META content="MSHTML 5.00.3013.2600" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT color=#0000ff size=2><SPAN class=150484018-04052000>This is not 
correct.&nbsp; Opening has different meanings (like the word "IS" does for Bill 
Clinton &lt;g&gt;).&nbsp; If the virus package is in an attachment, then viewing 
the message does not open the virus attachment and there is no exposure UNLESS 
you open the attachment.&nbsp; If the message is a text message with the 
attachment then no harm is done by viewing the text message in the viewer pane 
(although there has been some talk of a way to include a virus in a text message 
but I won't go into the details here - the probability of doing this is 
exceedingly low).&nbsp; </SPAN></FONT></DIV>
<DIV><FONT color=#0000ff size=2><SPAN 
class=150484018-04052000></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT color=#0000ff size=2><SPAN class=150484018-04052000>The real exposure 
with email viewing comes form viruses driven by scripts (active-x or java) in 
HTML format emails.&nbsp;&nbsp; I use Outlook 2000, but I believe that Outlook 
Express is similar.&nbsp; Go to Tools|Options.&nbsp; Click on the Security 
tab.&nbsp;&nbsp;In the Secure Content area select the RESTRICTED zone.&nbsp; You 
can then click on zone settings to see the settings that are enabled.&nbsp; You 
have the opportunity to customize these settings, for example, prompting you to 
allow download of active-x controls instead of auto blocking them, 
etc.</SPAN></FONT></DIV>
<DIV><FONT color=#0000ff size=2><SPAN 
class=150484018-04052000></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT color=#0000ff size=2><SPAN class=150484018-04052000>But you won't 
know if an attachment contains a virus unless you are running a virus scanning 
program that can tell you.&nbsp; Two days ago, I got a virus worm delivered to 
me.&nbsp; It was a the (South Park) pretty worm.exe.&nbsp; I suspected it was a 
virus package and confirmed it when I tried to save the attachment to my hard 
disk.&nbsp; McAfee AV informed me of the virus name.&nbsp; Of course, AV 
programs are only useful if you update your signatures on a regular basis.&nbsp; 
I do so weekly.</SPAN></FONT></DIV>
<DIV><FONT color=#0000ff size=2><SPAN 
class=150484018-04052000></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT color=#0000ff size=2><SPAN 
class=150484018-04052000></SPAN></FONT><FONT size=2>JW<BR></DIV></FONT>
<BLOCKQUOTE style="MARGIN-RIGHT: 0px">
  <DIV align=left class=OutlookMessageHeader dir=ltr><FONT face=Tahoma 
  size=2>-----Original Message-----<BR><B>From:</B> listmanager@xxxxxxxxxxxxxxx 
  [mailto:listmanager@xxxxxxxxxxxxxxx]<B>On Behalf Of </B>Dick 
  Crotinger<BR><B>Sent:</B> Thursday, May 04, 2000 10:41 AM<BR><B>To:</B> 
  &lt;realtraders@xxxxxxxxxxxxxxx&gt;<BR><B>Subject:</B> [RT] Re: Question about 
  viruses<BR><BR></DIV></FONT>
  <DIV>Outlook Express has to open the message to show it in the viewer.&nbsp; 
  Once you've seen a message with a virus (but only this particular kind, for 
  example, the Kak worm), you're hosed...</DIV>
  <DIV>&nbsp;</DIV>
  <DIV>...&nbsp;unless you protect yourself.</DIV>
  <DIV>&nbsp;</DIV>
  <DIV>Go to <A 
  href="http://www.microsoft.com/update";>www.microsoft.com/update</A> and load 
  in the currently available "required" updates to your system.&nbsp; This may 
  take a while, but part of it will fix the bug(s) in Internet Explorer which 
  allow this problem to exist.</DIV>
  <DIV>&nbsp;</DIV>
  <DIV>Then, when you view a virus infected message in the viewer, an alert will 
  pop up to the effect that the message is infected, but the virus is not 
  instantiated.</DIV>
  <DIV>&nbsp;</DIV>
  <DIV>Good luck...</DIV>
  <DIV>&nbsp;</DIV>
  <DIV>Dick Crotinger</DIV>
  <BLOCKQUOTE 
  style="BORDER-LEFT: #000000 2px solid; MARGIN-LEFT: 5px; MARGIN-RIGHT: 0px; PADDING-LEFT: 5px; PADDING-RIGHT: 0px">
    <DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
    <DIV 
    style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B> 
    <A href="mailto:bogeybunky@xxxxxxxxxxxx"; title=bogeybunky@xxxxxxxxxxxx>Bill 
    Daniel</A> </DIV>
    <DIV style="FONT: 10pt arial"><B>To:</B> <A 
    href="mailto:realtraders@xxxxxxxxxxxxxxx"; 
    title=realtraders@xxxxxxxxxxxxxxx>realtraders@xxxxxxxxxxxxxxx</A> </DIV>
    <DIV style="FONT: 10pt arial"><B>Sent:</B> Thursday, May 04, 2000 10:10 
    AM</DIV>
    <DIV style="FONT: 10pt arial"><B>Subject:</B> [RT] Question about 
    viruses</DIV>
    <DIV><BR></DIV>
    <DIV><FONT color=#000080 face=Arial size=2><STRONG>In Outlook Express there 
    is a preview window that shows the contents of an e-mail.&nbsp; Is this the 
    same as opening the e-mail and thus exposing your system to potential 
    infection or do you actually have to open the message for reading to be at 
    risk?</STRONG></FONT></DIV>
    <DIV>&nbsp;</DIV>
    <DIV><FONT color=#000080 face=Arial 
    size=2><STRONG>Thanks</STRONG></FONT></DIV>
    <DIV>&nbsp;</DIV>
    <DIV><FONT color=#000080 face=Arial 
  size=2><STRONG>Bill</STRONG></FONT></DIV></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>
</x-html>From ???@??? Thu May 04 15:00:11 2000
Return-Path: <listmanager@xxxxxxxxxxxxxxx>
Received: from mail.pajo.com (mail.pajo.com [216.116.96.4])
	by purebytes.com (8.9.3/8.9.3) with ESMTP id NAA10207
	for <neal@xxxxxxxxxxxxx>; Thu, 4 May 2000 13:27:44 -0700
Received: from REALTRADERS.COM ([208.179.56.198])
	by mail.pajo.com (8.9.1a/8.9.0) with ESMTP id NAA10636;
	Thu, 4 May 2000 13:26:45 -0700
Received: from smtp.email.msn.com by realtraders.com
	with SMTP (MDaemon.v3.0.3.R)
	for <realtraders@xxxxxxxxxxxxxxx>; Thu, 04 May 2000 13:22:13 -0700
Received: from tower1 - 63.11.142.196 by email.msn.com with Microsoft SMTPSVC;
	 Thu, 4 May 2000 13:24:51 -0700
Message-ID: <005e01bfb606$8ddd1ac0$c48e0b3f@xxxxxx>
From: "Dick Crotinger" <dangle@xxxxxxx>
To: <realtraders@xxxxxxxxxxxxxxx>
Cc: <realtraders@xxxxxxxxxxxxxxx>
References: <LPBBIKLFNLAMNNMLDELPGEKBCCAA.jw@xxxxxxxxxxxx>
Subject: [RT] Re: Question about viruses
Date: Thu, 4 May 2000 13:14:00 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
X-MDaemon-Deliver-To: realtraders@xxxxxxxxxxxxxxx
X-Return-Path: dangle@xxxxxxx
X-MDRcpt-To: realtraders@xxxxxxxxxxxxxxx
Sender: listmanager@xxxxxxxxxxxxxxx
Precedence: bulk
X-MDMailing-List: realtraders@xxxxxxxxxxxxxxx
X-MDSend-Notifications-To: listmanager@xxxxxxxxxxxxxxx
Reply-To: dangle@xxxxxxx
Status:   

>>This is not correct.  <<
Well, JW, I beg to differ, but won't get into a pissing contest about it.
Some of what you said was correct, but I stand by what I posted.

If Outlook Express users will apply the Microsoft upgrade, as I suggested,
they will not be bothered by the virus which Bill Daniel was asking about.
I see the virus occasionally (rarely) when I view an infected message in my
viewing pane, and KNOW that Outlook Express will detect and identify this
virus and keep it from infecting my system.  It doesn't do that with viruses
in attachments, of course, but that's not what Bill was asking about.

And I don't run any virus scanners in the background.

thanks,

Dick Crotinger