E-mail viruses w/o file attachments, do they exist?
Results 1 to 6 of 6

Thread: E-mail viruses w/o file attachments, do they exist?

  1. #1
    Junior Member
    Join Date
    Apr 2003
    Posts
    1

    E-mail viruses w/o file attachments, do they exist?

    It's common knowledge that most viruses are spread via files or macros. However, something that I find popping up from time to time is the statement that you can get a virus by just simply reading an e-mail (i.e. a web interface such as Yahoo or Hotmail, or in Outlook / Outlook Express which support HTML formatted e-mails). The theory is that in the HTML e-mail, there can exist some malicious script code.

    Anyone care to elaborate on this as to it being a myth or truth?

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Oh.. it's true. I had it happen to a friend. They had outlook with that autoview enabled. And bloody well shut down the system. Basically, everytime the email opened, the AV software went bananas and she couldn't do anything -- not even delete the email. (she's not technically adept). I turned off the autoview option and then deleted the emails. I think changed it so she wouldn't see HTML emails.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    Because Outlook can view HTML emails with active scripting it is possible to get a virus simply by opening the email if you are not properly patched.

    It was also possible as MsMittens pointed out for a virus to execute simply from being viewed in the Preview Pane.

    The vulnerabilities exploited in both cases were really part of Internet Explorer, but because Outlook uses IE to render HTML it would execute the malicious code. This is from CERT

    At a minimum, disable Active scripting in the Internet zone and the zone used by Outlook, Outlook Express, or any other email client that uses Internet Explorer or the WebBrowser control to render HTML CERT bulletin
    Outlook 2000 SR-1 fixed that issue for Outlook 2000:

    Heightened Outlook default security settings increase the default Internet security zone setting within Outlook from "internet" to "restricted sites." In addition, active scripting within restricted sites is disabled by default. These security features help protect users from viruses that are spread by means of scripting. Outlook 2000 SR-1
    It is prudent to stay current with patching. It is at least as important for stopping viruses as keeping your antivirus software up to date. Viruses and worms tend to exploit known vulnerabilities. If users kept their systems patched the viruses and worms would have little to no effect.

  4. #4

    Take control of your system patches

    Start from this link...RTFM first and then go to download.....

    http://www.virusinfo.bz/cgi-bin/ulti...c;f=5;t=000010
    That was all folks!
    http://www.virusinfo.bz/cgi-bin/ultimatebb.cgi

  5. #5
    Banned
    Join Date
    Apr 2003
    Posts
    54

    Lightbulb Script

    if the scripting can hold the virus how would a firewall/antiviris detect it and eliminate it?

  6. #6
    Propably from the pattern of the script file...but I am not so sure....
    That was all folks!
    http://www.virusinfo.bz/cgi-bin/ultimatebb.cgi

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides