PC could be infected without opening an infected mail?!

Discussion in 'Computer Security' started by Doug Fox, Feb 28, 2004.

  1. Doug Fox

    Doug Fox Guest

    Looking for confirmation of the following:

    Heard somewhere that one could infect a PC just by viewing a mail message
    containing malicious code, "in the lower pane", even without "opening" it or
    execute its attachment.

    Is it true? Any comments are appreciated.

    Thanks and have a nice weekend.
     
    Doug Fox, Feb 28, 2004
    #1
    1. Advertising

  2. Doug Fox

    Will Dormann Guest

    Doug Fox wrote:

    > Looking for confirmation of the following:
    >
    > Heard somewhere that one could infect a PC just by viewing a mail message
    > containing malicious code, "in the lower pane", even without "opening" it or
    > execute its attachment.
    >
    > Is it true? Any comments are appreciated.



    Absolutely true. At least if your Outlook Express/IE is not totally up
    to date with security patches. When you view a message just in the
    preview pane, it *is* "opening" the message.

    Some exploits use a vulnerability in OE/IE to trick it into executing
    code automatically. (such as mucking with the MIME type of an
    attachment, for example)


    -WD
     
    Will Dormann, Feb 28, 2004
    #2
    1. Advertising

  3. Doug Fox

    Doug Fox Guest

    In terms of prevention, in addition to "patch" the holes using Windows
    Update. What else can we do in this regards?

    Thanks again.


    "Will Dormann" <> wrote in message
    news:HeT%b.16697$...
    > Doug Fox wrote:
    >
    > > Looking for confirmation of the following:
    > >
    > > Heard somewhere that one could infect a PC just by viewing a mail

    message
    > > containing malicious code, "in the lower pane", even without "opening"

    it or
    > > execute its attachment.
    > >
    > > Is it true? Any comments are appreciated.

    >
    >
    > Absolutely true. At least if your Outlook Express/IE is not totally up
    > to date with security patches. When you view a message just in the
    > preview pane, it *is* "opening" the message.
    >
    > Some exploits use a vulnerability in OE/IE to trick it into executing
    > code automatically. (such as mucking with the MIME type of an
    > attachment, for example)
    >
    >
    > -WD
     
    Doug Fox, Feb 28, 2004
    #3
  4. Doug Fox

    John Guest

    In article <sTS%b.38086$>,
    says...
    > Looking for confirmation of the following:
    >
    > Heard somewhere that one could infect a PC just by viewing a mail message
    > containing malicious code, "in the lower pane", even without "opening" it or
    > execute its attachment.
    >
    > Is it true? Any comments are appreciated.
    >
    > Thanks and have a nice weekend.
    >
    >
    >


    My email program (Pegasus) does not execute HTML *if* it requires
    visiting a website. It instead gives a warning that the html delivered
    in the message contains "lazy HTML" - which presents a security risk
    because you must visit the web site to get it. Pegasus says you should
    be very careful about overriding the warning and proceeding. So, if you
    can read the message in Outlook Express it's already too late.

    Once you are on the website you are subject to ActiveX scripts that may
    be there - and executed by your Outlook Express or Internet Explorer.

    I am very negative about ActiveX. I only use Internet Explorer to get
    the Windows Updates (I have Microsoft in the "trusted zone" with full
    ActiveX). There is no alternative there. Microsoft won't let you
    download the patches with another browser. Otherwise I have ActiveX
    turned OFF (completely disabled). The security risks from destructive
    scripts are severe. I also deleted the VBS and VBE extensions from the
    "list" of extensions my Win2K system recognizes.

    I use Mozilla Firebird for normal web browsing and Pegasus Mail for
    email. Both are free (and better software even leaving aside the
    security issues).

    ActiveX? Just say no.
     
    John, Feb 28, 2004
    #4
  5. Doug Fox

    Jbob Guest

    "Doug Fox" <> wrote in message
    news:7AT%b.38684$...
    > In terms of prevention, in addition to "patch" the holes using Windows
    > Update. What else can we do in this regards?
    >
    > Thanks again.
    >
    >

    Several things: First make sure you do have all the MS updates. Second put
    OE security zone in the Restricted Zone and third go to the Restriced Zone
    and turn off or disable all items. That should pretty much help keep OE
    safe. As always you should also run a competent and updated Anti-Virus app.
    There is also an option in OE for reading email in text only which will also
    elimate any HTML threats.
     
    Jbob, Feb 28, 2004
    #5
  6. Doug Fox

    donutbandit Guest

    "Doug Fox" <> wrote in
    news:7AT%b.38684$:

    > In terms of prevention, in addition to "patch" the holes using Windows
    > Update. What else can we do in this regards?


    How about just saying "no" to Outlook Express? There are far better
    programs for mail that are much more secure.
     
    donutbandit, Feb 28, 2004
    #6
  7. Doug Fox

    Will Dormann Guest

    Doug Fox wrote:

    > In terms of prevention, in addition to "patch" the holes using Windows
    > Update. What else can we do in this regards?



    Sure. Don't use IE/OE. They are ridiculously insecure.

    Mozilla Firefox and Thunderbird make excellent replacements for them.



    -WD
     
    Will Dormann, Feb 28, 2004
    #7
  8. "Doug Fox" <> wrote in message
    news:7AT%b.38684$...
    > In terms of prevention, in addition to "patch" the holes using Windows
    > Update. What else can we do in this regards?


    http://www.codecutters.org/outlook/

    The specific problem is, I'd guess, the IFRAME exploit that should have been
    patched a *long* time ago.

    Opting to view all messages as plain text (at the bottom of the page)
    eliminates this problem as long as you don't attempt to forward the message.

    HTH

    Hairy One Kenobi

    Disclaimer: the opinions expressed in this opinion do not necessarily
    reflect the opinions of the highly-opinionated person expressing the opinion
    in the first place. So there!

    > "Will Dormann" <> wrote in message
    > news:HeT%b.16697$...
    > > Doug Fox wrote:
    > >
    > > > Looking for confirmation of the following:
    > > >
    > > > Heard somewhere that one could infect a PC just by viewing a mail

    > message
    > > > containing malicious code, "in the lower pane", even without "opening"

    > it or
    > > > execute its attachment.
    > > >
    > > > Is it true? Any comments are appreciated.

    > >
    > >
    > > Absolutely true. At least if your Outlook Express/IE is not totally up
    > > to date with security patches. When you view a message just in the
    > > preview pane, it *is* "opening" the message.
    > >
    > > Some exploits use a vulnerability in OE/IE to trick it into executing
    > > code automatically. (such as mucking with the MIME type of an
    > > attachment, for example)
    > >
    > >
    > > -WD

    >
    >
     
    Hairy One Kenobi, Feb 28, 2004
    #8
  9. Doug Fox spilled my beer when they jumped on the table and proclaimed in
    <sTS%b.38086$>

    > Looking for confirmation of the following:
    >
    > Heard somewhere that one could infect a PC just by viewing a mail message
    > containing malicious code, "in the lower pane", even without "opening" it
    > or execute its attachment.
    >
    > Is it true? Any comments are appreciated.
    >
    > Thanks and have a nice weekend.


    IIRC, Klez was the first that did this. Of course if Outlook Express/OS is
    properly patched, it neuters that particular problem. :)

    NOI
     
    Thund3rstruck_N0i, Feb 28, 2004
    #9
  10. Doug Fox

    Gladys Pump Guest

    On 28 Feb 2004 05:28:36 GMT, donutbandit <>, whilst in the
    alt.computer.security newsfroup, articulated the following sentiments :

    >"Doug Fox" <> wrote in
    >news:7AT%b.38684$:
    >
    >> In terms of prevention, in addition to "patch" the holes using Windows
    >> Update. What else can we do in this regards?

    >
    >How about just saying "no" to Outlook Express? There are far better
    >programs for mail that are much more secure.


    I've personally always used Agent for mail and news.

    http://www.forteinc.com/main/homepage.php

    Super fast, rock solid and a good alternative to OE for those that desire
    it. Version 2 now ready for download.

    Is that spammy ? Sorry.

    Imagine what they'll be doing by the time *they* get to version 6. :)

    Regs, Pete.
     
    Gladys Pump, Feb 28, 2004
    #10
  11. Doug Fox

    donutbandit Guest

    Gladys Pump <> wrote in
    news::

    > I've personally always used Agent for mail and news.
    >
    > Is that spammy ? Sorry.


    No - it's a suggestion and a dang good one. I use Eudora 3.0.6, the last
    free version.

    Fact is - if not for Outlook Express, "virus" would be a term reserved for
    medical illnesses. It is 99% responsible for all the virus & worm
    outbreaks. Other email programs just are not vulnerable unless the user
    opens the infected attachment.
     
    donutbandit, Feb 28, 2004
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dutch Treat
    Replies:
    4
    Views:
    4,882
    Boomer
    Jun 21, 2004
  2. Boomer

    infected mail

    Boomer, Jul 4, 2004, in forum: Computer Support
    Replies:
    8
    Views:
    473
    Alexander Rogge
    Jul 4, 2004
  3. satyne

    could a cd or disquette be infected remotely?

    satyne, Mar 26, 2007, in forum: Computer Security
    Replies:
    9
    Views:
    449
    Unruh
    Mar 27, 2007
  4. Replies:
    3
    Views:
    571
    Walter Mautner
    Jun 25, 2007
  5. sparc58
    Replies:
    10
    Views:
    611
    sparc58
    May 15, 2007
Loading...

Share This Page