RE: Today's reason not to run Windows

2000-05-05 Thread Marc Evans


See http://www.zdnet.com/tlkbck/comment/22/0,7056,88759-421762,00.html to
support my assertions.

- Marc

On Thu, 4 May 2000, Jerry Eckert wrote:

 Marc Evans wrote:
 
 I beg to differ, but this is hardly the forum. The VB file attached is
 immediately executed upon retrieval from the POP box. The user does not
 have to open the message in any fashion, if the preview feature is
 enabled.
 
 Why is it that none of the information releases from the antivirus vendors
 have mentioned this?
 
 As a test I just sent myself an E-mail with a .vbs file attached.  When the
 message was opened in the Outlook 98 preview pane the message body was
 displayed along with the standard attachment indicator.  When I clicked on
 the attachment and selected it to open I then got an error from the VBS
 compiler (it was a bogus file since I don't have a real VBS script handy).
 
 Jerry
 
 
 **
 To unsubscribe from this list, send mail to
 [EMAIL PROTECTED] with the following text in the
 *body* (*not* the subject line) of the letter:
 unsubscribe gnhlug
 **
 





RE: Today's reason not to run Windows

2000-05-05 Thread Jerry Eckert

That appears to be a user comment (from someone who didn't even bother to
supply a fake name, much less a real one).  To me, that is at best anecdotal
evidence.  The story associated with this message board makes no mention of
any effect of the message being displayed in a preview pane; it does
explicitly mention clicking on the attachment.

Jerry


-Original Message-
From: Marc Evans [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 05, 2000 7:22 AM
To: Jerry Eckert
Cc: [EMAIL PROTECTED]
Subject: RE: Today's reason not to run Windows



See http://www.zdnet.com/tlkbck/comment/22/0,7056,88759-421762,00.html to
support my assertions.

- Marc

On Thu, 4 May 2000, Jerry Eckert wrote:

 Marc Evans wrote:
 
 I beg to differ, but this is hardly the forum. The VB file attached is
 immediately executed upon retrieval from the POP box. The user does not
 have to open the message in any fashion, if the preview feature is
 enabled.

 Why is it that none of the information releases from the antivirus vendors
 have mentioned this?

 As a test I just sent myself an E-mail with a .vbs file attached.  When the
 message was opened in the Outlook 98 preview pane the message body was
 displayed along with the standard attachment indicator.  When I clicked on
 the attachment and selected it to open I then got an error from the VBS
 compiler (it was a bogus file since I don't have a real VBS script handy).

 Jerry





Re: Today's reason not to run Windows

2000-05-05 Thread Bill Sconce



Tom Rauschenbach wrote:

 
 Did anybody actually get this thing ?  I got 14 warnings about it, the NPR news
 is full of it.  I don't have it and I want to see it!


As it happens, yes.  I received three copies of it.  I don't run Outlook, of course.

BUT...

At work (my client's site, which is a model of a large corporate Outlook installation)
I received a copy from a colleague who works on the floor above.  My finger was actually
on the way to the mouse button when I caught myself.  If the subject had been "Revised
test plan" (or even "I love you", just without shouting) I can't be sure that I wouldn't
have opened the damned attachment and trashed my client's workstation.  And I'm NOT a suit.
I DO know better...

All this talk about "dummies who ran it"...   very sad.

Imagine an auto manufacturer building each car with a red button, and a placard on the red
button "Don't push this - one time in 10,000 it will cause your car to explode".  Yes,
we'd laugh at the first few "dummies" who blew themselves up, but the manufacturer would
most certainly remove the button.  (The lawyers would see to that if customers didn't.)

-Bill



Footnote:  most of the network interviews include words of wisdom from "security consultants".
At first it seems puzzling that they don't mention Microsoft's shoddy design...   until you
realize that disasters like this are the source of consulting fees.  It's in THEIR best
interest to blame the users, too.




Today's reason not to run Windows

2000-05-04 Thread Tom Rauschenbach



I never got the damn virus.  Could somebody send me a copy ?

TIA

TomR


--
Standard is better than better.  If your web page cares what browser I'm using
it's broken.
[EMAIL PROTECTED]




Re: Today's reason not to run Windows

2000-05-04 Thread Thomas Charron


  You know, all of this bashing on why Outlook does this and that, not one
has mentioned that *IT'S the DUMMIES WHO RAN IT*'s fault.  It didn't run
itself.  Someone had to open it..  This is a question of intelligence, which
has *NOTHING* to do with Operating systems..  A properly secured NT box..

Ok, stop laughing..

A properly secured NT box would have been just as safe as a Linux user
opening a like *EXECUTABLE*.

- Original Message -
From: Tom Rauschenbach [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, May 04, 2000 5:31 PM
Subject: Today's reason not to run Windows
 I never got the damn virus.  Could somebody send me a copy ?






Re: Today's reason not to run Windows

2000-05-04 Thread Marc Evans



On Thu, 4 May 2000, Thomas Charron wrote:

   You know, all of this bashing on why Outlook does this and that, not one
 has mentioned that *IT'S the DUMMIES WHO RAN IT*'s fault.  It didn't run
 itself.  Someone had to open it..  This is a question of intelligence, which
 has *NOTHING* to do with Operating systems..  A properly secured NT box..

I wish this were true, but it sadly is not. The MS Outlook program has a
"feature" which previews messages. Anyone who has that feature turned on,
which I believe it is by default, would become infected simply by
retrieving messages from their pop/imap/whatever box.

- Marc





Re: Today's reason not to run Windows

2000-05-04 Thread Thomas Charron

 On Thu, 4 May 2000, Thomas Charron wrote:
   You know, all of this bashing on why Outlook does this and that, not one
  has mentioned that *IT'S the DUMMIES WHO RAN IT*'s fault.  It didn't run
  itself.  Someone had to open it..  This is a question of intelligence, which
  has *NOTHING* to do with Operating systems..  A properly secured NT box..
 I wish this were true, but it sadly is not. The MS Outlook program has a
 "feature" which previews messages. Anyone who has that feature turned on,
 which I believe it is by default, would become infected simply by
 retrieving messages from their pop/imap/whatever box.

  This particular virus was a file *attachment*.  It did not use the
bug^M^M^Mfeature you're speaking of..  :-P





RE: Today's reason not to run Windows

2000-05-04 Thread Jerry Eckert

Marc Evans wrote:

I wish this were true, but it sadly is not. The MS Outlook program has a
"feature" which previews messages. Anyone who has that feature turned on,
which I believe it is by default, would become infected simply by
retrieving messages from their pop/imap/whatever box.

The Outlook preview pane displays the message content, not the attachments.
There are certain attacks which can be launched when a message is displayed
in the preview pane; however, none of the official announcements I've seen
so far have given any indication such is the case with this worm.

Jerry





Re: Today's reason not to run Windows

2000-05-04 Thread Tom Rauschenbach




Folks,

I changed the subject line for a reason.  I use (and bash whenever possible)
Outlook at work and Linux and kmail at home.  Both of which are not germane to
this thread.

Did anybody actually get this thing ?  I got 14 warnings about it, the NPR news
is full of it.  I don't have it and I want to see it!   Please continue this
discussion on the original "RE:Let's torture and kill..." thread.  Then we can
all skip that.

Thanks



On Thu, 04 May 2000, you wrote:
  On Thu, 4 May 2000, Thomas Charron wrote:
    You know, all of this bashing on why Outlook does this and that, not one
   has mentioned that *IT'S the DUMMIES WHO RAN IT*'s fault.  It didn't run
   itself.  Someone had to open it..  This is a question of intelligence, which
   has *NOTHING* to do with Operating systems..  A properly secured NT box..
  I wish this were true, but it sadly is not. The MS Outlook program has a
  "feature" which previews messages. Anyone who has that feature turned on,
  which I believe it is by default, would become infected simply by
  retrieving messages from their pop/imap/whatever box.
 
   This particular virus was a file *attachment*.  It did not use the
 bug^M^M^Mfeature you're speaking of..  :-P
 
 
--
Standard is better than better.  If your web page cares what browser I'm using
it's broken.
[EMAIL PROTECTED]




RE: Today's reason not to run Windows

2000-05-04 Thread Jerry Eckert

Marc Evans wrote:

I beg to differ, but this is hardly the forum. The VB file attached is
immediately executed upon retrieval from the POP box. The user does not
have to open the message in any fashion, if the preview feature is
enabled.

Why is it that none of the information releases from the antivirus vendors
have mentioned this?

As a test I just sent myself an E-mail with a .vbs file attached.  When the
message was opened in the Outlook 98 preview pane the message body was
displayed along with the standard attachment indicator.  When I clicked on
the attachment and selected it to open I then got an error from the VBS
compiler (it was a bogus file since I don't have a real VBS script handy).

Jerry





Re: Today's reason not to run Windows

2000-05-04 Thread Thomas Charron

Here I am, looking in preview mode, without a thing..  Funny that..  :-P

- Original Message - 
From: Kurth Bemis [EMAIL PROTECTED]
To: Tom Rauschenbach [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Thursday, May 04, 2000 10:37 PM
Subject: Re: Today's reason not to run Windows
 At 07:17 PM 5/4/2000 -0400, Tom Rauschenbach wrote:
 i have a copy of the source.  I am posting it to the list! :-)  be very 
 careful with it.






Re: Today's reason not to run Windows

2000-05-04 Thread Derek Martin

Today, Thomas Charron gleaned this insight:

 Here I am, looking in preview mode, without a thing..  Funny that..  :-P

Are you sure?  Check Kenny Lussier's message about how to detect it.  See
if it compromised your system or not...


-- 
PGP/GPG Public key at http://cerberus.ne.mediaone.net/~derek/pubkey.txt
--
Derek D. Martin  |  Unix/Linux Geek
[EMAIL PROTECTED]  |  [EMAIL PROTECTED]
--

