I've heard this question discussed frequently, and I'd like a definitive answer from the learned heads hereon: Is it possible to infect your system with a VIRUS, WORM or WHAT HAVE YOU, simply by OPENING an e-mail carrying the malicious entity? In other words without CLICKING ON, OPENING or otherwise MANUALLY ACTIVATING any attachments, files etc. contained in the note?

Thanks, I've got some $$$ riding on this... http://www.PCGuide.com/ubb/wink.gif

BA

YES go collect your money as soon as i can find the link that explanes it I'll post it.
not sure if this is it.
W32.Aliz.Worm - 20 November, 2001
Discovered on: May 22, 2001
Last Updated on: November 20, 2001 at 12:38:49 PM PST

W32.Aliz.Worm is a very simple SMTP mass mailer worm. The worm is written in assembly and is additionally packed.
The worm propagates by obtaining email addresses from the Windows Address Book and sending itself to those addresses.
When the worm arrives by email, the worm uses a MIME exploit allowing the virus to be executed just by reading or previewing the file. Information and a patch for this exploit can be found at http://www.microsoft.com/technet/security/bulletin/MS01-020.asp

------------------
Treading,Troden,Trails
HERE (http://www.davematthewsband.com)

[This message has been edited by YODA74 (edited 01-02-2002).]

W32.Aliz.Worm (http://securityresponse.symantec.com/avcenter/venc/data/w32.aliz.worm.html) is the Symantec page. Expanded Threat List (http://securityresponse.symantec.com/avcenter/vinfodb.html) is a good link to have on hand, Security Response (http://securityresponse.symantec.com/) usually has only the most recent ones listed.

I don't think this is the only one that can activate by simply opening the email or viewing it in the Preview Pane. Can't remember any others, but I'm sure I read an article about at least one more that activates this way.

------------------
Support the right to keep and arm bears.
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.dreamwater.com/paleopete/computer.htm) has been moved, please update your bookmarks.

There have been several MIME exploit ones recentlly, can't remember which ones though...oh yeah, Nimda!

------------------
mjc
Links list:Computer Links (http://www.dreamwater.org/tech/mjc/index.htm)

Celts are the men that heaven made mad, For all their battles are merry and their songs are all sad.

all the ones I got were activated by opening up the document...got a few of those again last week. Didn't know about the preview pane ones...thanx for the heads up on that one.

It is best to turn off the preview pane because if you have the single click to open turned on you don't even have to click on the infected email you just have to mouse over it to select it and it opens in the preview pane and you are infected!

------------------
I think Windows XP and Microsoft use more of my bandwidth than I do!

since viruses can be activated just by opening or previewing an email, how would one go about getting rid of spam? most of the time the junk email will have directions for removing an address from the mailing list, but you have to open the email to get this info.

------------------
The internet? Is that thing still around?

gossamer If you're using OE, right click the message, click delete, or if you want to report it or find the remove link, click Properties then the Details tab, then look at the bottom for a button that says Message Source and click it. That lets you read a text version of the email without actually opening it.

That's how I usually find out a virus is contained in the message. Attachments will usually have dual extensions, and files that are not attached will be garbage characters. DO NOT FORWARD THESE. Forwarding opens the email. If you need to send it to McAffee or Symantec or another antivirus company check their website for instructions. McAffee says zip it into a compressed file and send it to them. Symantec says do not zip it, but to quarantine it and send form the quarantine folder.

That gives me a problem, because I cannot quarantine an email without opening it so that Norton can find out it is a virus, and I have two in my Inbox right now that are highly suspect that I can do nothing with. I'm not about to open them!!

If I use the method baove to look at the email content without opening them, under the headers the email message itself look like this:

0NCklu
dmVzdG1lbnQgaW4gdGVjaG5vbG9neSB0aGF0IHdpbGwgbWFrZS B5b

and so forth. Attachments will look the same when viewed as text. They will usually have dual extensions (ie news.doc.scr instead of news.doc)

Norton does not have any right click options available in email for some reason...unless I didn't allow right click options when I installed...OOPS!!

------------------
Support the right to keep and arm bears.
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.dreamwater.com/paleopete/computer.htm) has been moved, please update your bookmarks.