Archive of UserLand's first discussion group, started October 5, 1998.

PS: Don't open email enclosures, ever.

Author:David Valentine
Posted:5/4/2000; 7:07:46 PM
Topic:Virus from Manila
Msg #:16948 (In response to 16938)
Prev/Next:16947 / 16949

PS: Don't open email enclosures, ever.

Dave, is this really good advice?

When an uncle forwards jokes to me via AOL, the message come as .eml attachments. Harmless

Jpeg images of the niece are harmless, but sometimes don't show up in the body

MS is the one that said the trusted code approach was just as good as the java sandbox method. Sign the code. Don't run unsigned code. None of the incidents used trusted code. So is it working or failing?

Now, it's a user issue. "People should not be opening attachements" But a few hundred thousand people (or more) opened it. Attachements are a way of life.

The OS and the email apps need to be changed. Certain things should never be allowed to be saved via email: bat, exe, vbs, java (yes, java applications). And others should be saved with caution and opened in sandboxed/nuetered applications: .doc

MS is again in denial. It's not our problem, it could happen to any software. If the person had designed it better, it would have effect all apps. http://www.iwon.com/home/news/news_article/0,11746,31472|top|05-04-2000::21:01|reuters,00.html

Microsoft Corp., for its part, said the virus was not indicative of any particular vulnerability associated with Microsoft Outlook.

"Viruses are really an industry-wide issue," said Scott Culp, program manager for Microsoft's security response center. "They can be written for any platform. They can be written to use a variety of e-mail clients.

"In this case the virus author chose to target Outlook probably because it gave him better reach," he said. "There isn't a security vulnerability in Outlook involved in this at all," Culp said.


There are responses to this message:


This page was archived on 6/13/2001; 4:55:04 PM.

© Copyright 1998-2001 UserLand Software, Inc.