[pct-l] Virus Alert

[brick@fastpack.com (Brick Robbins)]

I don't normally send out this stuff to the list, but this one is 
important. The mailing list program is already defended against this 
threat, so you cant get it from this list (thanks Ryan).

There is a new (9/18) virus that uses yet another security hole in 
Outlook/IE to infect your computer.

Read about this virus at the Mcafee virus center.
http://vil.mcafee.com/dispVirus.asp?virus_k=99209&;

If you use Outlook or certain versions of Internet Explorer you are 
vulnerable. Outlook automatically displays messages sent in HTML format. 
(which is how you can get pretty pictures and colored text in your email 
messages, but it is a BAD thing in lots of ways)

Well in this case, when Outlook attempts to display the HTML message, it 
runs the virus file WITHOUT YOU EVER CLICKING ON THE ATTACHMENT. It does 
this because IE (which Outlook uses to display the HTML) can be tricked 
into running the virus when it thinks it is playing a sound file.

Yes it is true. You don't need to do anything but read the message, and you 
will be infected.

It is also possible to be infected by simply by visiting a website with the 
same embedded virus. I think this may eventually be a bigger problem 
because the it can also infect the Microsoft webserver called IIS if it 
doesn't have the patch installed

The best thing to do is trash Outlook and IE, use Eudora for mail and 
Netscape or Opera for a browser.

The next best thing is to visit the link above, and install the patches 
that Microsoft has released to Outlook and IE to deal with this new threat.

See also
http://www.microsoft.com/windows/ie/downloads/critical/q290108/default.asp
--
Brick Robbins                       mailto:brick@fastpack.com