Can you get a virus/worm just from reading Yahoo mail?

Discussion in 'Computer Security' started by wylbur37, Nov 14, 2003.

  1. wylbur37

    wylbur37 Guest

    It's been said that when using web-based email (such as Yahoo), you
    can get a virus or worm on your computer just by reading email if the
    email contains malicious HTML code, even if you never request for any
    attachments to be loaded. Is this really true?

    If yes, how can this be prevented?
    Theoretically, you should have all your email read strictly as plain
    text. Yahoo has the option to "block HTML graphics" but that's not the
    same as reading email in plain text.

    To cite an actual situation, consider the emails generated by the SWEN
    worm (the ones that pretend to be Microsoft patches). There seem to be
    two variations of email sent out. One type consists of an email
    message written in HTML (including graphics) persuading you to load
    the attachment below it. The other variation is just a message about
    some undeliverable email, but doesn't seem to have any attachment.
    However, it still takes up about 150K in space! Does this mean that
    there was a hidden payload that gets secretly loaded just from reading
    the message?
     
    wylbur37, Nov 14, 2003
    #1
    1. Advertising

  2. wylbur37

    Will Dormann Guest

    wylbur37 wrote:

    > It's been said that when using web-based email (such as Yahoo), you
    > can get a virus or worm on your computer just by reading email if the
    > email contains malicious HTML code, even if you never request for any
    > attachments to be loaded. Is this really true?


    Sure. Especially if you use an insecure browser, such as IE.

    > If yes, how can this be prevented?
    > Theoretically, you should have all your email read strictly as plain
    > text. Yahoo has the option to "block HTML graphics" but that's not the
    > same as reading email in plain text.


    Use something other than IE. Opera, or Mozilla Firebird (my favorite).



    -WD
     
    Will Dormann, Nov 14, 2003
    #2
    1. Advertising

  3. wylbur37

    Ted Davis Guest

    On 14 Nov 2003 05:03:19 -0800, (wylbur37)
    wrote:

    >It's been said that when using web-based email (such as Yahoo), you
    >can get a virus or worm on your computer just by reading email if the
    >email contains malicious HTML code, even if you never request for any
    >attachments to be loaded. Is this really true?


    Yes
    >
    >If yes, how can this be prevented?


    Don't use Internet Explorer. Turn off Java and Javascript on other
    browsers, just to be sure.

    >Theoretically, you should have all your email read strictly as plain
    >text. Yahoo has the option to "block HTML graphics" but that's not the
    >same as reading email in plain text.
    >
    >To cite an actual situation, consider the emails generated by the SWEN
    >worm (the ones that pretend to be Microsoft patches). There seem to be
    >two variations of email sent out. One type consists of an email
    >message written in HTML (including graphics) persuading you to load
    >the attachment below it. The other variation is just a message about
    >some undeliverable email, but doesn't seem to have any attachment.
    >However, it still takes up about 150K in space! Does this mean that
    >there was a hidden payload that gets secretly loaded just from reading
    >the message?


    The latter are bounce messages from servers operated by stupid or lazy
    administrators - they are supposed to inform the sender of an e-mail
    virus that he/she needs to clean the machine, and would therefore be
    part of the solution; but since the current worms fake the from field,
    the messages just confuse the (innocent) recipient and consume disk
    space, and are therefore part of the problem. Good amninistrators
    have noticed this and turned them off.



    T.E.D. ()
    SPAM filter: Messages to this address *must* contain "T.E.D."
    somewhere in the body or they will be automatically rejected.
     
    Ted Davis, Nov 14, 2003
    #3
  4. wylbur37

    Lars-Erik Guest

    Isn't it nessacairy to have java and javascript on to load some pages? Like
    a forum or something?

    I would love to turn off javascript, they're just irritating and load my
    machine so Winamp lags.

    :-0
    "wylbur37" <> skrev i melding
    news:...
    > It's been said that when using web-based email (such as Yahoo), you
    > can get a virus or worm on your computer just by reading email if the
    > email contains malicious HTML code, even if you never request for any
    > attachments to be loaded. Is this really true?
    >
    > If yes, how can this be prevented?
    > Theoretically, you should have all your email read strictly as plain
    > text. Yahoo has the option to "block HTML graphics" but that's not the
    > same as reading email in plain text.
    >
    > To cite an actual situation, consider the emails generated by the SWEN
    > worm (the ones that pretend to be Microsoft patches). There seem to be
    > two variations of email sent out. One type consists of an email
    > message written in HTML (including graphics) persuading you to load
    > the attachment below it. The other variation is just a message about
    > some undeliverable email, but doesn't seem to have any attachment.
    > However, it still takes up about 150K in space! Does this mean that
    > there was a hidden payload that gets secretly loaded just from reading
    > the message?
     
    Lars-Erik, Nov 14, 2003
    #4
  5. {posted from comp.mail.misc}

    On Fri, 14 Nov 2003, Lars-Erik wrote:

    > Isn't it nessacairy to have java and javascript on to load some pages? Like
    > a forum or something?
    >
    > I would love to turn off javascript, they're just irritating and load my
    > machine so Winamp lags.


    Some sites require javascript (and even cookies) to function
    properly beyond merely display. For example, my public library offers
    various services; however -- no javascript and cookies, no services. It
    is up to the user whether to decide to turn n on javascript and cookies
    or. It comes down to, what is it worth to you to access certain sites
    and the services they off?

    --
    Paul Bartlett
    bartlett at smart.net
    PGP key info in message headers
     
    Paul O. BARTLETT, Nov 14, 2003
    #5
  6. You can put selected sites (such as mail.yahoo.com) in the restricted security zone which
    disables some features. You can control which features are disabled (e.g. scripting and
    Java, or whether if a web site tries to use a feature if you should be prompted for
    approval.

    --

    Mike - http://pages.prodigy.net/michael_santovec/techhelp.htm


    "Lars-Erik" <> wrote in message
    news:QJ6tb.6510$...
    > Isn't it nessacairy to have java and javascript on to load some pages? Like
    > a forum or something?
    >
    > I would love to turn off javascript, they're just irritating and load my
    > machine so Winamp lags.
    >
    > :-0
    > "wylbur37" <> skrev i melding
    > news:...
    > > It's been said that when using web-based email (such as Yahoo), you
    > > can get a virus or worm on your computer just by reading email if the
    > > email contains malicious HTML code, even if you never request for any
    > > attachments to be loaded. Is this really true?
    > >
    > > If yes, how can this be prevented?
    > > Theoretically, you should have all your email read strictly as plain
    > > text. Yahoo has the option to "block HTML graphics" but that's not the
    > > same as reading email in plain text.
    > >
    > > To cite an actual situation, consider the emails generated by the SWEN
    > > worm (the ones that pretend to be Microsoft patches). There seem to be
    > > two variations of email sent out. One type consists of an email
    > > message written in HTML (including graphics) persuading you to load
    > > the attachment below it. The other variation is just a message about
    > > some undeliverable email, but doesn't seem to have any attachment.
    > > However, it still takes up about 150K in space! Does this mean that
    > > there was a hidden payload that gets secretly loaded just from reading
    > > the message?

    >
    >
     
    Michael Santovec, Nov 15, 2003
    #6
  7. You can put selected sites (such as mail.yahoo.com) in the restricted security zone which
    disables some features. You can control which features are disabled (e.g. scripting and
    Java, or whether if a web site tries to use a feature if you should be prompted for
    approval.

    --

    Mike - http://pages.prodigy.net/michael_santovec/techhelp.htm


    "wylbur37" <> wrote in message
    news:...
    > It's been said that when using web-based email (such as Yahoo), you
    > can get a virus or worm on your computer just by reading email if the
    > email contains malicious HTML code, even if you never request for any
    > attachments to be loaded. Is this really true?
    >
    > If yes, how can this be prevented?
    > Theoretically, you should have all your email read strictly as plain
    > text. Yahoo has the option to "block HTML graphics" but that's not the
    > same as reading email in plain text.
    >
    > To cite an actual situation, consider the emails generated by the SWEN
    > worm (the ones that pretend to be Microsoft patches). There seem to be
    > two variations of email sent out. One type consists of an email
    > message written in HTML (including graphics) persuading you to load
    > the attachment below it. The other variation is just a message about
    > some undeliverable email, but doesn't seem to have any attachment.
    > However, it still takes up about 150K in space! Does this mean that
    > there was a hidden payload that gets secretly loaded just from reading
    > the message?
     
    Michael Santovec, Nov 15, 2003
    #7
  8. wylbur37

    Plato Guest

    Plato, Nov 15, 2003
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. wylbur37
    Replies:
    7
    Views:
    550
    Plato
    Nov 15, 2003
  2. STUART SWANSTON

    cant get read yahoo mail with bt yahoo as the isp

    STUART SWANSTON, Dec 9, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    2,070
    STUART SWANSTON
    Dec 9, 2003
  3. Lord Shaolin
    Replies:
    6
    Views:
    2,598
    John Tate
    Aug 20, 2003
  4. code_wrong

    worm/spybot.17.t (worm spybot 17t) detected by AVG

    code_wrong, May 15, 2004, in forum: Computer Security
    Replies:
    0
    Views:
    702
    code_wrong
    May 15, 2004
  5. danbloom
    Replies:
    2
    Views:
    361
    Spamm Trappe
    Mar 2, 2009
Loading...

Share This Page