[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[pct-l] Virus Alert
- Subject: [pct-l] Virus Alert
- From: email@example.com (Brick Robbins)
- Date: Wed, 19 Sep 2001 09:26:20 -0700
I don't normally send out this stuff to the list, but this one is
important. The mailing list program is already defended against this
threat, so you cant get it from this list (thanks Ryan).
There is a new (9/18) virus that uses yet another security hole in
Outlook/IE to infect your computer.
Read about this virus at the Mcafee virus center.
If you use Outlook or certain versions of Internet Explorer you are
vulnerable. Outlook automatically displays messages sent in HTML format.
(which is how you can get pretty pictures and colored text in your email
messages, but it is a BAD thing in lots of ways)
Well in this case, when Outlook attempts to display the HTML message, it
runs the virus file WITHOUT YOU EVER CLICKING ON THE ATTACHMENT. It does
this because IE (which Outlook uses to display the HTML) can be tricked
into running the virus when it thinks it is playing a sound file.
Yes it is true. You don't need to do anything but read the message, and you
will be infected.
It is also possible to be infected by simply by visiting a website with the
same embedded virus. I think this may eventually be a bigger problem
because the it can also infect the Microsoft webserver called IIS if it
doesn't have the patch installed
The best thing to do is trash Outlook and IE, use Eudora for mail and
Netscape or Opera for a browser.
The next best thing is to visit the link above, and install the patches
that Microsoft has released to Outlook and IE to deal with this new threat.
Brick Robbins mailto:firstname.lastname@example.org