Benjamin Scott wrote:
>>> Customers can avoid being affected by this virus by following standard best
>>> practices:
>>>
>>>      - Never run an executable from someone you don't know.
>>>      - Always have a good-quality virus scanner
>>>      - Always keep the virus scanner's signature files up to date.
>>
>> It is interesting to note that the procedures listed above did *NOT*
>> provide protection against this virus.

On Tue, 9 May 2000, Bob Bell wrote:
> Though I'd hate it to seem like I'm taking MS's side, the VBS script is as
> much an executable as a Perl script would be.  Granted, it likely could
> have come from "someone you know", since it propagates through address
> books.

  That is pretty much my point.  Virus scanners only protect you after the
virus has been in the wild long enough to be classified and the signatures
updated.  Assuming you generally trust the people in your address book (and
them, you), none of Microsoft's recommendations do anything to help you.

  The only solution, then, is to not open *any* attachments *anyone* sends
you.  If that is what Microsoft is recommending, why is the feature there in
the first place?  Are they saying they deliberately added something too
dangerous to use?  As others have pointed out, MS itself was hit very hard by
this -- don't they follow their own advice?  Is Windows too complex for even
MS to figure out?

> Did anyone actually see this on a Windows platform?

  Yes.

> I'm curious, because the file's extension was '.txt.vbs'.  Since Explorer
> by default hides the extensions of known file types, would Outlook have
> displayed this as '.txt'?  If so, that's particularly nasty as a
> semi-educated user could think "This is safe; it's just a text file."

  Yes.

  People have been saying you could do this on Unix, too.  Well, I suppose they
are right.  You *could* make Unix as non-secure as this: Make all files world
writable, add entries for all known script engines to /etc/mailcap, and modify
Pine to simply offer "attachments" for execution, without telling you what
they are.  But the point is, Unix *doesn't* do this.  Windows does.

-- 
Ben Scott <[EMAIL PROTECTED]>
Net Technologies, Inc. <http://www.ntisys.com>
Voice: (800)905-3049 x18   Fax: (978)499-7839
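
The '.txt.vbs' point raised in this message, as an added example that is not part of the original post: a mail-gateway style check that flags attachments whose real final extension is a script type sitting behind a harmless-looking one, and reports the name a user would see with extensions hidden. The extension lists, function names and sample message are assumptions constructed for illustration.

```python
from email import message_from_string

# Assumed lists for illustration; a real gateway would take these from site policy.
SCRIPT_EXTS = {"vbs", "vbe", "js", "jse", "wsf", "bat", "cmd", "exe", "scr", "pif"}
DECOY_EXTS = {"txt", "doc", "jpg", "gif", "pdf"}

def _base(filename):
    # Drop any path and the trailing spaces/dots that Windows ignores.
    return filename.replace("\\", "/").rsplit("/", 1)[-1].rstrip(" .")

def displayed_name(filename):
    """Name as shown when the final extension is hidden (assumes it is a known type)."""
    name = _base(filename)
    return name.rsplit(".", 1)[0] if "." in name else name

def classify_attachment(filename):
    """Return 'deceptive', 'executable' or 'ok' for an attachment file name."""
    parts = _base(filename).lower().split(".")
    if len(parts) < 2 or parts[-1] not in SCRIPT_EXTS:
        return "ok"
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "deceptive"   # shown as "x.txt" but handled as a script
    return "executable"

def scan_message(raw):
    """List (filename, shown_as, verdict) for every risky attachment in a raw message."""
    findings = []
    for part in message_from_string(raw).walk():
        name = part.get_filename()
        if name and classify_attachment(name) != "ok":
            findings.append((name, displayed_name(name), classify_attachment(name)))
    return findings

# Constructed sample message (not from the original thread).
SAMPLE = """\
From: alice@example.org
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Disposition: attachment; filename="notes.txt.vbs"

placeholder body, not a script
--BOUND
Content-Disposition: attachment; filename="readme.txt"

plain text
--BOUND--
"""

if __name__ == "__main__":
    print(scan_message(SAMPLE))
```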

