[ale] OT: Is MS Outbreak really this dangerous?

Greg runman at speedfactory.net
Thu Mar 20 11:01:46 EST 2003


ok, this only works if one *doesn't* open them up and can judge from the
subject line if it is infected or not, otherwise it is moot.  Since most
modern email virii send out the virus using an infected address book, this
defeats any humanly possible way to stop a virus.  Your bosses email could
be the vector for deadly virii - and so you aren't going to open an email
from your boss ?? Yeah, right.  It doesn't take a lot of human engineering
to get a majority of folks to open up stuff.  If you don't even have MS
scripting host installed it helps immeasurably in defeating a lot of stuff.
Use an AV program that checks mail (or even 2 such programs) and it will
stop a lot of stuff.  Keep your AV updated.  Use an AV program that doesn't
let executables run unchecked or unnoticed.  Use a program that won't let
Outlook execute stuff and it helps also.

You might want to ask your friendly sys admins why aren't they using a hot
shot commercial AV mail filter at the mail gate to stop this stuff from
entering the system ?  Relying on users to do their job is really not a good
idea - yes, users can & *should* do their part, but I wouldn't rely on it
too much.

Nothing on my Outlook 2000 executes - it always asks me first and I do use
the preview pane.  Of course, you could use Outlook running on Wine/Win4Lin
to take care of it, but then I would probably just use Evolution on Linux.
There are several other non-Outlook clients that are  not VB based that
would let you escape from Outlook induced virii.  Becky! I think is one.  A
Google search would find many others.


Greg

> -----Original Message-----
> From: ale-admin at ale.org [mailto:ale-admin at ale.org]On Behalf Of Jonathan
> Rickman
> Sent: Thursday, March 20, 2003 9:55 AM
> To: ale at ale.org
> Subject: Re: [ale] OT: Is MS Outbreak really this dangerous?
>
>
> On Thu, 20 Mar 2003 hbbs at attbi.com wrote:
>
> > A company-wide e-mail just came down the pike stating:
> >
> > "Due to viruses that can infect your computer simply by being
> previewed in your
> > e-mail program, it is company policy that the preview pane (the
> window at the
> > bottom of Outlook and Outlook Express that shows messages
> without opening them)
> > be turned off on your inbox folder."
> >
> > Is it really this dangerous to use Outlook or is this an
> > aluminum-foil-on-the-head/paint-inside-of-CD-player-green thing?
>
> IMNSHO, it IS this dangerous to use them. Statistics do not lie.
>
> >
> > How susceptible are other Windows mail clients (e.g., Mozilla)?
>  Wouldn't
> > run-of-the-mill Windows AV software catch such "preview
> viruses" as long as the
> > AV SW knew about them?
>
> The other clients are generally not AS vulnerable, but are still VERY
> vulnerable. I have one situation where I am forced to use Windows 2000. I
> use cygwin,fetchmail, and pine. AV is only as good as the latest
> definitions.
>
>
> --
> Jonathan Rickman
> X Corps Security
> http://www.xcorps.net
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale






More information about the Ale mailing list