[svlug] Virus FUD

kmself@ix.netcom.com kmself at ix.netcom.com
Tue May 9 11:20:28 PDT 2000


On Tue, May 09, 2000 at 10:09:27AM -0700, Marc Merlin wrote:
> On mar, mai 09, 2000 at 08:08:07 -0700, Walter Reed wrote:
> > In the three pane view of outlook, you don't actually have to "open" it,
> > just scroll over it and you are toast. This is the view that shows the
> > email in the lower window and the subject / author in the upper window.
> > As you scroll through the messages, each message is opened, and any nasty
> > javascript or (h)activex script is executed. This has already been proven.
> 
> Wait a minute,
> Are you saying that the mere fact of viewing the Email runs the attachment?
> How about the user who says "I saw the subject and I deleted the message
> without opening it". Is that possible?

Yes.

http://yahoo.cnet.com/news/0-1003-200-1823347.html?tag=st.ne.ron.lthd.ni

http://www.cert.org/advisories/CA-2000-04.html
     "Users should disable auto-opening or previewing of email attachments
     in their mail programs."

http://www.zdnet.com/zdnn/stories/news/0,4586,1018067,00.html
     (Nov 9, 1999, Bubbleboy virus)

http://www.zdnet.com/zdnn/stories/comment/0,5859,2562098,00.html
     (My personal favorite for the "happens to be" quip).

-- 
Karsten M. Self <kmself at ix.netcom.com>         http:/www.netcom.com/~kmself
    What part of "Gestalt" don't you understand?
    http://gestalt-system.sourceforge.net/
GPG fingerprint: F932 8B25 5FDD 2528 D595  DC61 3847 889F 55F2 B9B0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://lists.svlug.org/archives/svlug/attachments/20000509/177de44b/attachment.bin


More information about the svlug mailing list