Re: 1 week of searching FAQ for the answer to these two questions
From: Judith (anonymous_at_discussions.microsoft.com)
Date: 02/06/04
- Next message: David H. Lipman: "Re: 1 week of searching FAQ for the answer to these two questions"
- Previous message: Judith: "Re: 1 week of searching FAQ for the answer to these two questions"
- In reply to: David H. Lipman: "Re: 1 week of searching FAQ for the answer to these two questions"
- Next in thread: David H. Lipman: "Re: 1 week of searching FAQ for the answer to these two questions"
- Reply: David H. Lipman: "Re: 1 week of searching FAQ for the answer to these two questions"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 6 Feb 2004 13:58:33 -0800
Ooops forgive my obtuseness...one last clarification does
right clicking on an e-mail and viewing its properties
cause the execution of an infected "subject line" or
an "infected attachment"? I will stop viewing properties
if that does put me at risk.
Judith
>-----Original Message-----
>Judith:
>
>Many viruses, like the Swen Internet worm, use a MIME
exploit that will force the extension
>to be executed thus infecting the platform..
>
>Please read the Swen description at the following URL:
>http://vil.nai.com/vil/content/v_100662.htm
>
>Note the paragraph...
>'Various outgoing messages are created. Some make use of
an IE exploit to ensure
>the worm attachment is run upon viewing the email. See
Microsoft Security Bulletin
>(MS01-020) . One such message bears the following
characteristics:"
>
>Then read the Microsoft write-up "Incorrect MIME Header
Can Cause IE to Execute E-mail
>Attachment" @
>http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/security/bulletin/MS01-020.asp
>
>As for no attcahment emails, the subject line can have a
script containg the payload.
>
>Dave
>
>
>
>"Judith" <anonymous@discussions.microsoft.com> wrote in
message
>news:bcea01c3ecec$604ecd80$a001280a@phx.gbl...
>| Dear Dave:
>|
>| First how can I thank you for responding!! I appreciate
>| but need on more thing from you.
>| I see you answer "NO" to my questions but you said NO
only
>| if fully patched which I am BUT can you direct me to an
>| area that would fully explain what would happen if I
were
>| not patched?
>| You SEEM to be implying that if I were NOT Patched..that
>| the answer to my questions would be "Yes". My SA
friends
>| say there is NO way to get a virus from an e-mail that
>| does not have an attachment..I'm sorry..I don't want to
>| get verbose..please just tell me where to go read how
you
>| CAN get a virus/worm by "right clicking and looking at
>| properties" (my first question) and how you can get
>| infected just with opening e-mail even if there is no
>| attachement if not patched so I can learn HOW THis
happens.
>| Also I never new that about using my real e-mail
address.
>| Microsoft's home user site does not teach you any of
>| this..how are users supposed to become informed.
>| Please indulge me this last time and send me to a link
>| that explains the "YES" answers to my questions.
>| With Gratitude - Judith
>|
>| >-----Original Message-----
>| >Replies are inline...
>| >"Judith" <jf314@earthlink.net> wrote in message
>| >news:c11a01c3ece6$c74b2610$a501280a@phx.gbl...
>| >| I have searched the knowledge base, don't boolean
google
>| >| searchs..going nuts..finally am going to post. I hope
>| >| there is a microsoft moderator viewing this e-mail
>| because
>| >| I think microsoft should post the answers to these
>| >| question in their section on Outlook and virus risk.
>| >|
>| >| 1. Using Outlook Express Ver. 6 on Win ME (all full
>| >| patched) - Can you infect yourself with either a
worm or
>| >| virus BY SIMPLY "right clicking" on a mail in your
inbox
>| >| and displaying the mail's properties. I like to do
that
>| >| sometimes to see detailed information about the
message
>| (I
>| >| know all about the obvious ways of contracting virus,
>| >| worm, trojan)
>| >
>| >
>| >If you are FULLY patched no. Otherwise you are
>| susceptible to MIME explaoits.
>| >
>| >
>| >| 2. I know all about attachments and executing them
to
>| >| activiate a virus and how a worm does not need user
>| >| interaction..etc. etc. I have 5 System Admin friends
>| and
>| >| all 5 can't agree on the answer to this question:
>| >| I read somewhere that you can infact get even a virus
>| from
>| >| an e-mail which DOES NOT have an attachement if
>| >| a "malicious script inside the e-mail and scripted to
>| run
>| >| by simply opening the e-mail" IS this true or false.
>| >
>| >
>| >Again, not if you are fully patched.
>| >
>| >In addition:
>| >If you post to UseNet with your TRUE, not a munged,
email
>| address then you have invited the
>| >swen Internet worm [aka; W32/Gibe-F] to visit you.
>| >
>| >The Swen is news spelled backwards. The reason it is
>| called this is because the Swen worm
>| >harvests email addresses from UseNet News Groups. It
has
>| an engine that allows it to post
>| >itself to UseNet News Groups as well as it has its own
>| email engine. From the list of
>| >email addresses that it has harvested, it will then
email
>| itself to those addresses.
>| >
>| >Dave
>| >
>| >
>| >.
>| >
>
>
>.
>
- Next message: David H. Lipman: "Re: 1 week of searching FAQ for the answer to these two questions"
- Previous message: Judith: "Re: 1 week of searching FAQ for the answer to these two questions"
- In reply to: David H. Lipman: "Re: 1 week of searching FAQ for the answer to these two questions"
- Next in thread: David H. Lipman: "Re: 1 week of searching FAQ for the answer to these two questions"
- Reply: David H. Lipman: "Re: 1 week of searching FAQ for the answer to these two questions"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
