Re: 1 week of searching FAQ for the answer to these two questions
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 02/06/04
- Next message: anonymous_at_discussions.microsoft.com: "Re: macro virus"
- Previous message: Judith: "Re: 1 week of searching FAQ for the answer to these two questions"
- In reply to: Judith: "Re: 1 week of searching FAQ for the answer to these two questions"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 6 Feb 2004 17:10:33 -0500
Judith:
I don't think it will unless it is unpatched by - MS01-020.
Dave
"Judith" <anonymous@discussions.microsoft.com> wrote in message
news:c28f01c3ecfc$5d325800$a601280a@phx.gbl...
| Ooops forgive my obtuseness...one last clarification does
| right clicking on an e-mail and viewing its properties
| cause the execution of an infected "subject line" or
| an "infected attachment"? I will stop viewing properties
| if that does put me at risk.
|
| Judith
| >-----Original Message-----
| >Judith:
| >
| >Many viruses, like the Swen Internet worm, use a MIME
| exploit that will force the extension
| >to be executed thus infecting the platform..
| >
| >Please read the Swen description at the following URL:
| >http://vil.nai.com/vil/content/v_100662.htm
| >
| >Note the paragraph...
| >'Various outgoing messages are created. Some make use of
| an IE exploit to ensure
| >the worm attachment is run upon viewing the email. See
| Microsoft Security Bulletin
| >(MS01-020) . One such message bears the following
| characteristics:"
| >
| >Then read the Microsoft write-up "Incorrect MIME Header
| Can Cause IE to Execute E-mail
| >Attachment" @
| >http://www.microsoft.com/technet/treeview/default.asp?
| url=/technet/security/bulletin/MS01-020.asp
| >
| >As for no attcahment emails, the subject line can have a
| script containg the payload.
| >
| >Dave
| >
| >
| >
| >"Judith" <anonymous@discussions.microsoft.com> wrote in
| message
| >news:bcea01c3ecec$604ecd80$a001280a@phx.gbl...
| >| Dear Dave:
| >|
| >| First how can I thank you for responding!! I appreciate
| >| but need on more thing from you.
| >| I see you answer "NO" to my questions but you said NO
| only
| >| if fully patched which I am BUT can you direct me to an
| >| area that would fully explain what would happen if I
| were
| >| not patched?
| >| You SEEM to be implying that if I were NOT Patched..that
| >| the answer to my questions would be "Yes". My SA
| friends
| >| say there is NO way to get a virus from an e-mail that
| >| does not have an attachment..I'm sorry..I don't want to
| >| get verbose..please just tell me where to go read how
| you
| >| CAN get a virus/worm by "right clicking and looking at
| >| properties" (my first question) and how you can get
| >| infected just with opening e-mail even if there is no
| >| attachement if not patched so I can learn HOW THis
| happens.
| >| Also I never new that about using my real e-mail
| address.
| >| Microsoft's home user site does not teach you any of
| >| this..how are users supposed to become informed.
| >| Please indulge me this last time and send me to a link
| >| that explains the "YES" answers to my questions.
| >| With Gratitude - Judith
| >|
| >| >-----Original Message-----
| >| >Replies are inline...
| >| >"Judith" <jf314@earthlink.net> wrote in message
| >| >news:c11a01c3ece6$c74b2610$a501280a@phx.gbl...
| >| >| I have searched the knowledge base, don't boolean
| google
| >| >| searchs..going nuts..finally am going to post. I hope
| >| >| there is a microsoft moderator viewing this e-mail
| >| because
| >| >| I think microsoft should post the answers to these
| >| >| question in their section on Outlook and virus risk.
| >| >|
| >| >| 1. Using Outlook Express Ver. 6 on Win ME (all full
| >| >| patched) - Can you infect yourself with either a
| worm or
| >| >| virus BY SIMPLY "right clicking" on a mail in your
| inbox
| >| >| and displaying the mail's properties. I like to do
| that
| >| >| sometimes to see detailed information about the
| message
| >| (I
| >| >| know all about the obvious ways of contracting virus,
| >| >| worm, trojan)
| >| >
| >| >
| >| >If you are FULLY patched no. Otherwise you are
| >| susceptible to MIME explaoits.
| >| >
| >| >
| >| >| 2. I know all about attachments and executing them
| to
| >| >| activiate a virus and how a worm does not need user
| >| >| interaction..etc. etc. I have 5 System Admin friends
| >| and
| >| >| all 5 can't agree on the answer to this question:
| >| >| I read somewhere that you can infact get even a virus
| >| from
| >| >| an e-mail which DOES NOT have an attachement if
| >| >| a "malicious script inside the e-mail and scripted to
| >| run
| >| >| by simply opening the e-mail" IS this true or false.
| >| >
| >| >
| >| >Again, not if you are fully patched.
| >| >
| >| >In addition:
| >| >If you post to UseNet with your TRUE, not a munged,
| email
| >| address then you have invited the
| >| >swen Internet worm [aka; W32/Gibe-F] to visit you.
| >| >
| >| >The Swen is news spelled backwards. The reason it is
| >| called this is because the Swen worm
| >| >harvests email addresses from UseNet News Groups. It
| has
| >| an engine that allows it to post
| >| >itself to UseNet News Groups as well as it has its own
| >| email engine. From the list of
| >| >email addresses that it has harvested, it will then
| email
| >| itself to those addresses.
| >| >
| >| >Dave
| >| >
| >| >
| >| >.
| >| >
| >
| >
| >.
| >
- Next message: anonymous_at_discussions.microsoft.com: "Re: macro virus"
- Previous message: Judith: "Re: 1 week of searching FAQ for the answer to these two questions"
- In reply to: Judith: "Re: 1 week of searching FAQ for the answer to these two questions"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
