David Guest wrote: > I am finalising our Anti Virus guidelines at the surgery. I would be > interested in the list's comments. > > Does the list regard .doc format as safe these days. This is > particularly relevant since it is still the most common format we > receive from outside sources.
Only if you don't have none of the following installed on your computer: Microsoft Word, or other Microsoft Office products, or Microsoft .NET, or Microsoft Outlook, or Microsoft automation services, or other Microsoft products, including recent versions of the Windows operating system itself, which also contain the Microsoft Visual basic or other macro interpreters without actually saying so. But apart from those considerations, perfectly safe. Tim C > ------------------------------------------------------------------------ > > > Attachments > > Most viruses come as attachments to emails. Opening these infected > attachments launches the program. It is usually very difficult and > costly to removed the infection once it has been run once, since it > copies itself into a number of obscure places within the computer. We > therefore suggest following these simple rules. > > > Sending > > 1. Plain text attachments should be inlined instead of attached. In > Thunderbird this is set through the View | Display Attachments > Inline > > <http://wiki.mozilla.org/Thunderbird:Help_Documentation:Menu_Reference#Display_Attachments_Inline> > option. > 2. JPG / PNG /GIF formatted images are acceptable. > 3. Emails should be plain text, not HTML. Plain text is much more > efficient in terms of data storage and transmission. In > Thunderbird individual words and phrases can be marked as > underlined, italicised, or bold by enclosing them in _ / * > respectively. > 4. HTML attachments are acceptable in exceptions where formatting is > essential. The attachment must not contain JAVA/ JAVA script code. > 5. Binary attachments (eg .exe files) should never be sent. > 6. In the rare cases where binary files must be sent, we recommend > transmission in zipped format and that an email should precede > that with the attachment. The preceding email should contain > information about the executable along with a MD5 hash sum of it. > (Front office staff will never have to do this.) > 7. Potential worm bearing data formats such as Microsoft word ( .doc) > or Visual Basic code 9 (.vbs) are forbidden. Formatted text > exchange should be in RTF or PDF format if formatting other than > HTML is considered essential. > > > Receiving > > 1. Rule number one:- *NEVER CLICK ON ATTACHMENTS* > 2. Faxes are distributed internally through the email system. These > have a .tif or a .tiff extension. It is save to click on these > from an internal user. > 3. Never click on files with a .exe, .vbs or .pif extension. > 4. Never open attachments where there is no identifying information > in the email. (E.g.: "Hello Bob, can you look at this file for me" > is not specific. "Hello Bob. after our discussions at the Network > last Wednesday, I have sent you a copy of the document" is > acceptable if, in fact, you saw Bob at the Network last Wednesday.) > 5. Word documents can have viruses in them. Ask for them to be resent > in PDF format. > 6. Many viruses target the address book in the Microsoft programs. > Using other programs and operating systems greatly minimises this > risk. (This and the next rule do not apply at the Goonellabah > Medical Centre since we use Thunderbird.) > 7. Switch off automatic opening of attachments in your > preferences/options of your mail program. > 8. Jokes sent on mailing lists are always a risk. Jokes may not only > contain viruses but are often not appreciated by the recipient. We > suggest you forward jokes to your home address. > 9. If you really must look at attachments of an unknown type or > origin they should be forwarded to the security coordinator for > approval first. > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Gpcg_talk mailing list > [email protected] > http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
