just to add to the general knowledge base... i'm running Eudora on NT and it hosed my inbox before i even opened the mail.
-ian. At 11:57 PM 5/9/00 +0200, Filip Sneppe wrote: >James, > >It's a virus. Check http://www.cai.com/virusinfo/virusalert.htm#wscript and >search for a virus called "KAK". According to CAI it's a Win 98 only virus. > >While email has -for a long time- been considered virus-safe as long as >users didn't explicitly open or execute email attachement, this particular >virus makes use of mail readers capable of executing scripts embedded in >HTML. As such, opening a mail or merely using a mail client's preview option >could trigger the payload. > >A quick web search gave me the following URL for Outlook Express users: >http://www.microsoft.com/Windows/ie/security/email.asp >You may want to read it if you want to disable executing HTML embedded >script in your mail client. Check the web for other mail clients... > >Thanks to Kent for pointing this is out to the list. > >----- Original Message ----- >From: James Bucknell <[EMAIL PROTECTED]> >To: Kent williams <[EMAIL PROTECTED]> >Cc: Ben1 <[EMAIL PROTECTED]>; 313 <[email protected]> >Sent: Tuesday, May 09, 2000 11:05 PM >Subject: Re: (313) VERY IMPORTANT Ben1's EMAIL TO 313 HAS A VIRUS (NO HOAX) >Re: (313) Carl Craig CD'S > > >> >> >> i don't think this a problem. >> any email transmitted virus is carried as an attachment. as far as i'm >aware, >> all attachments are stripped from emails before being posted on this list. >> as such, nothing to worry about. >> james >> >> >> >> >> Kent williams <[EMAIL PROTECTED]> on 05/09/2000 04:49:00 PM >> >> Please respond to Kent williams <[EMAIL PROTECTED]> >> >> To: Ben1 <[EMAIL PROTECTED]> >> cc: 313 <[email protected]> (bcc: James Bucknell/Magazines/Hearst) >> Subject: (313) VERY IMPORTANT Ben1's EMAIL TO 313 HAS A VIRUS (NO HOAX) >Re: >> (313) Carl Craig CD'S >> >> >> >> >> Very important -- this guy's (ben1) email contains a virus that will fuck >your >> computer up if you're using any Windows-based mail reader -- I don't >> think from looking through the source that it will permanently damage your >> machine, but here's what it does >> >> 1. Installs a program to run at Windows startup to re-infect your machine. >> 2. Changes your e-mail signature to include HTML code that includes the >> virus as a script. So anyone who gets the e-mail will be infected, and >> can spread it. >> 3. Makes a startup item that keeps windows from starting up. >> >> >> To avoid being infected there is only one way in Outlook to get rid of the >> message without showing the message and infecting your computer. >> >> 1. Open the View menu and select layout (alt-v alt-l) >> 2. Uncheck the 'Show preview pane' option. >> 3. Hit OK. >> 4. Look for any message from this guy: >> >> From: Ben1 <[EMAIL PROTECTED]> >> To: 313 <[email protected]> >> Subject: (313) Carl Craig CD'S >> >> And delete it WITHOUT DOUBLECLICKING ON THE MESSAGE FIRST! >> >> This is a REAL THREAT! >> >> If you want to look at the text of the virus, it's at >> http://avalon.net/~kent/virus.txt >> >> I replaced all occurrences of the SCRIPT tag with SCR*PT, so it >> should be safe to look at, but DO IT AT YOUR OWN RISK, ONLY IF >> YOU KNOW WHAT YOU'RE DOING!!!! >> >> >> kent williams -- [EMAIL PROTECTED] >> >> On Tue, 9 May 2000, Ben1 wrote: >> >> > >> > Hi there can anyone send me a complete list of carl craig's cd's >including any >> imports as i think i'm pretty close to completing my collection. Thanks. >> > Ben >> > >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > >
