[TheForge] RE: virus alert

Michael Boettcher [email protected]
Mon Apr 22 07:41:00 2002 

Microsoft IE needs to have the security updates done on it.  Get them 
from  the Microsoft web site.

There is a new type of virus that spoofs the mime type (if I'm remembering 
correctly).  The browser thinks its a safe type of file to run, and the 
operating system runs it, since it doesn't care or check.  You have no 
chance to stop the file from running.  Because of this, you can get 
infected by going to certain web sites.  Since Outlook uses IE to display 
any html info, it works the same way.  Someone sends a trojan in an email, 
IE trys to display the page, the file is run, and you're infected.  No user 
intervention needed.

If you use IE, I STRONGLY suggest you get the update NOW.  Its easier than 
trying to track down and kill the viruses and trojans.  (If you use 
Outlook, you're using IE as well.)

If anyone has questions, I'll dig out my references and the links to better 
descriptions of how the new viruses work.


At 11:57 PM 4/21/2002 -0400, you wrote:
>I guess I said it wrong. What I should have said is that in Outlook there is
>a preview window. If you highlight the message it previews it without
>opening it or any attachments. You technically did not open that message but
>you are previewing it. Now if there is an attachment on it you actually have
>to click on the attachment icon and open it to run it. These messages do not
>appear to have any attachments. But as soon as I highlight it my computer
>appears very busy for 10 to 30 seconds and my virus scan says that a
>Backdoor virus was detected on my system, not in the email.
>I am running the latest Norton and it auto updates 4 times a week. It is set
>to scan my entire system 4 times a week and to scan all incoming email.
>I have a Hardware firewall (router) with every possible safeguard turned on.
>You can't even ping my computer. And a software firewall (zone alarm) that
>alerts me of any internet activity incoming or outgoing. I then have the
>option to allow it once or forever. And lastly I run a packet sniffer. This
>tells me what the current traffic incoming and outgoing currently, average
>and for the month. So if I am not doing anything right now it should say all
>zeros.
>I am pretty well protected and these viruses still made it through. I
>haven't figured out how yet but I will.
>Marc
>
>
>Heath Wrote:
>-----------------------------------------------------------------------
>Marc, do you not run virus protection software?
>
>
>
>_______________________________________________
>http://mailman.qth.net/mailman/listinfo/theforge
>theforge mail list group photo site is
>http://www.photoaccess.com
>Login:  [email protected]
>password:  anvil
>___________