Blocking EXE's and EML's at your mail server will help some but will not protect you. We have not had any email copies of this virus, yet two people got infected just by viewing an infected web page. The exploit attaches the bad .eml file to the web page, which runs the offending EXE WITHOUT ANY PROMPTING FROM THE USER. We are now blocking the .eml part in our proxy server, but in the meantime the two infected machines were trying to copy the infected EML files to every read/write share they could find on our internal network. Some curious user would just have to click on one of those to spread things more. I think IE6 and the latest service packs for IE5.5 and IE5.01 prevent the automatic running of the EXE file. I have IE6 here and I got a prompt on my screen to run or save a TMP file (which I canceled). Tom _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
