Re: 2003 Cumulative Patch for Outlook Express (330994) TILDE THUMBNAIL

From: Bruce Hagen (Nospam_at_mymail.invalid)
Date: 07/10/04 

Date: Fri, 9 Jul 2004 19:17:43 -0700

No virus. No danger to you. It will be fixed at some point.

This is a bug in the April 2003 Cumulative Patch. It is basically a
backup of your address book. MS is aware of it and at some time will
provide a fix for it. You can safely delete it.

References:
http://supportdesk1.iit.edu/outexp.htm
and:
http://insideoe.tomsterdam.com/problems/bugs.htm#~file 

-- 
Bruce Hagen
   ~IB-CA~
"Louise" <anonymous@discussions.microsoft.com> wrote in message
news:2a0d601c46622$550fda40$a501280a@phx.gbl...
> Is there a fix for the fix?  I had problems with my OE
> and to recreate my profile.  Whenever I make changes to
> my address book I get a "tilde" thumbnail on my desktop.
> According to the below MS article it's a back up of my
> address book because of the 2003 Cumulative Patch for
> Outlook Express (330994 fix and there was suppose to be a
> Patch that correct this?
>
> What is the Tilde (~) file that appears on Desktop
>
> What is this ~ file?
> The file appearing on your desktop with the filename ~,
> commonly known as a tilde, is a backup of your Windows
> Address Book. It is appearing as a result of the April
> 2003 Cumulative Patch for Outlook Express (330994). The
> patch is installed for Outlook Express 5.5 or 6 in
> response to a vulnerability that could allow an attacker
> to run code of the attacker's choice on a user's machine.
> To exploit the vulnerability, an attacker would have to
> be able to cause Windows to open a specially constructed
> MHTML URL, either on a web site or included in an HTML
> email message.
>
> Unfortunately, there is a bug in the patch.Whenever you
> make a change in your Windows Address Book file (*.wab
> file), Windows makes a backup of this file. Generally
> this backup is called username.wa~ , however after the
> patch is installed the backup gets renamed to just ~
> instead and saved in the directory where you start your
> Outlook Express. Most of the time, people start Outlook
> Express from a shortcut on their desktop, so the backup
> file gets placed there. This is how the tilde (~) file
> arrives on your desktop.
>
> Is the File a Virus and will Spyware or Anti-virus
> Utilities Find it?
>
> Because the file is simply a backup of your Windows
> Address Book, spyware searching utilities or anti-virus
> products wont flag it as anything suspicious.
>
> Can I Delete the ~ File?
>
> The simple answer is yes, the file can be deleted.
> However if it is deleted, you wont have a backup of your
> Windows Address Book if a virus or something else
> corrupts it or you accidentally delete the information in
> the address book. So I wouldnt necessarily delete the
> file without backing it up first. Personally, here are
> the steps I would take to remain safe in case you need
> the file again.
>
> Right click on the file and choose Rename
>
> Type in a name for the file and add the .wab extension to
> it
> For Example, you might want to rename it to
> addressbook.wab or something similar
>
> Now, put a blank, formatted floppy disk in your floppy
> drive and right-click on the newly named file
>
> Choose Send To, Floppy Drive (most likely A)
>
> Now the file is backed up in case of emergency, right-
> click on the file on your desktop and choose Delete
> Each time you make a change to your address book, this
> file will reappear so its a good idea to keep that floppy
> drive around and make a backup each time you make
> changes. This protects you from losing valuable email
> addresses in case of a disaster.
>
> An alternative to this would be to change the Start in
> option for Outlook Express. This has been suggested by a
> few visitors and works well.
>
> Find the shortcut to Outlook Express and right-click on
> it
> Click on Properties
> Make sure Read-only is unchecked on the General tab
> Click on the Shortcut tab
> In the "Start In" field, change it to an alternative path
> where the tilde file will appear, for example C:\
> Click on Apply
> Is There a Patch to fix this?
>
> Although Microsoft has indicated that it knows about this
> problem and intends to make a patch available, they have
> not released one yet, as of July 2003.
>
> Can I uninstall the April 2003 patch to fix it?
>
> Yes, you can uninstall the patch, this will fix the tilde
> (~) file from appearing, however you will not be
> protected from this security vulnerability either. If you
> want to uninstall the April 2003 (330994) patch, simply
> visit this link and follow the uninstall directions.
> Although I wouldn't advise anyone doing this.
>
>
>
>
Quantcast