Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Nasty New Virus Variants

timothy posted more than 9 years ago | from the must-have-windows-to-try dept.

Security 1050

Lucidus writes "Numerous journals, such as Mac Daily News and The Motley Fool, are reporting that the latest versions of the Beagle/Bagle virus can infect users' computers whether or not they open an attachment. Apparently, the simple act of selecting the message activates the code. Given that you have to select an E-mail to delete it, how are users supposed to protect themselves from this one?"

cancel ×

1050 comments

Sorry! There are no comments related to the filter you selected.

FP (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#8631063)

fp?

Re:FP (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#8631072)

dont you feel special.

Is the internet becoming more hazardous? (-1, Redundant)

Anonymous Coward | more than 9 years ago | (#8631064)

No, software is getting dumber!

fp (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#8631065)

fp w00t!

Re:fp (-1, Offtopic)

Belzu (735378) | more than 9 years ago | (#8631132)

NO! SP! WOOOT

ARE THEY SEXUALLY TRANSMITTED? (-1, Funny)

Anonymous Coward | more than 9 years ago | (#8631066)

If not I'm not worried.

Re:ARE THEY SEXUALLY TRANSMITTED? (1)

wo1verin3 (473094) | more than 9 years ago | (#8631087)

more like..

Are the ONLY sexually transmitted?
If so, I have nothing to worry about.

Re:ARE THEY SEXUALLY TRANSMITTED? (0)

theknac (762604) | more than 9 years ago | (#8631168)

unfortunatly i bet alot of other nerds on here dont have to worry about that either *this was suppose to be a joke, as in HA HA*

Servers getting slow already (-1, Troll)

Anonymous Coward | more than 9 years ago | (#8631067)

Mirror [bearload.com]

fp (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#8631068)

fp you fucking nazis!

You Fail It, Jerk! (0)

Anonymous Coward | more than 9 years ago | (#8631129)

Yeah, that's right! You fail it, *Jerk!*

Re:You Fail It, Jerk! (0)

Anonymous Coward | more than 9 years ago | (#8631150)

lorf yea i failed it

Simple... (4, Insightful)

Anonymous Coward | more than 9 years ago | (#8631069)

Don't use Microsoft products... or use them and have an up-to-date modern Anti Virus scanner.

Re:Simple... (5, Informative)

BigHungryJoe (737554) | more than 9 years ago | (#8631153)

AntiVir [free-av.com] might be a good, free choice.

I has served me well. Catches a lot of the spyware that my favorite pr0n sites try to push me, too.

What to do (4, Informative)

Alien54 (180860) | more than 9 years ago | (#8631220)

There are a number of decent free and unfree antivirus programs available, as seen in this list [freebyte.com]

Also nice are programs that let you delete the email at the server before you download, such as mailwasher [mailwasher.net] , and with free versions.

Of course, there are a number of alternate email clients out there that will also help block this beastie

protecting from viruses (4, Interesting)

bendsley (217788) | more than 9 years ago | (#8631070)

the ISPs need to have some server-side virus scan running. we do through our company's email server, and so far, it seems to work like a champ

Re:protecting from viruses (3, Insightful)

prat393 (757559) | more than 9 years ago | (#8631164)

Many of them DO... but these variants have been coming out so often lately that they're hard to catch up with.

Switch!!! (4, Insightful)

Anonymous Coward | more than 9 years ago | (#8631073)

Given that you have to select an E-mail to delete it, how are users supposed to protect themselves from this one?

Well, this one is gonna start a whole slew of flaming and trolling over the virtues of one platform over another as it is kinda a loaded question with a simple answer:

Switch

So let's start right off with a big razz towards Windows users from both the Linux and Macintosh communities.........

Thhhbibibibibbbpt!!!

Seriously though, when are you guys gonna get the picture? Microsoft if chasing a moving target here and they will always be behind the curve, reacting to the latest virus outbreak until they fix what is fundamentally wrong with the Windows architecture. Hopefully this will happen with Longhorn in 2006......or 2007.........or whenever.

Safe Sex for computers. (-1, Troll)

Anonymous Coward | more than 9 years ago | (#8631074)

"Given that you have to select an E-mail to delete it, how are users supposed to protect themselves from this one?""

Stop using E-Mail.

is this an (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#8631075)

fp?

prolly not
funk reigns supreme!
disco is dead!

How about.... (3, Informative)

sethadam1 (530629) | more than 9 years ago | (#8631076)

How about...

a. Turn off preview pane
b. Use OWA
c. Stop using Outlook/Outlook Express

?!

Re:How about.... (0, Insightful)

Anonymous Coward | more than 9 years ago | (#8631101)

because it would cost $thousands for companies to switch?

Re:How about.... (0, Funny)

Anonymous Coward | more than 9 years ago | (#8631148)

And what does it cost each time an infection breaks out?

I'm glad you don't work for us. Go back to the accounting department where you crawled out from.

Re:How about.... (0)

Anonymous Coward | more than 9 years ago | (#8631206)

Infections don't break out with the simplest of prevention. Even an MCSE monkey can figure it out.

Re:How about.... (2, Interesting)

Snad (719864) | more than 9 years ago | (#8631163)

because it would cost $thousands for companies to switch?

As compared to the $thousands it's costing them already to deal with this kind of crap?

It would be short term pain for long term gain.

Re:How about.... (4, Insightful)

pyite (140350) | more than 9 years ago | (#8631180)

And it costs MORE not to switch. Unfortunately, most companies can't see past their nose as far as technology costs are concerned.

Re: How about.... (5, Funny)

Black Parrot (19622) | more than 9 years ago | (#8631145)


How about...

a. Turn off preview pane
b. Use OWA
c. Stop using Outlook/Outlook Express
d. Read your mail on someone else's computer

Re:How about.... (4, Insightful)

photon317 (208409) | more than 9 years ago | (#8631149)


Mozilla Thunderbird is a great lightweight email client replacement for Outlook. Your average home user who has an imap or pop account from an ISP really has no good excuse not to uninstall Outlook from their machine and switch. Corporate users on the other hand are a little more screwed, since many of them use Exchange servers that don't have OWA turned on and/or aren't Exchange 2000/2003, which precludes using Evolution's commercial plugin to get calendaring integration and whatnot. However corp users that do meet those server-side requirements can do so. Or if you don't use or need the calendaring part in your organization and the exhcnage server has IMAP, then you can also go Thunderbird there too.

Re:How about.... (1)

DigiShaman (671371) | more than 9 years ago | (#8631161)

I'll be honest, I use Outlook Express and love it's user interface. But damn, Microsoft really needs to rewrite it from the ground up with security being the #1 focus. In it's current state, it's sad to know you must have Norton or McAfee setup to scan all incomming e-mail if you plan on using OE.

Anyone have a good replacement for OE?

another alternative (4, Informative)

Azureflare (645778) | more than 9 years ago | (#8631188)

is The Bat! [ritlabs.com] . This application is a great replacement for Outlook. In fact I've switched my mum and dad over to it from Outlook, and they love it (though the calender does leave something to be desired). It doesn't automatically view emails in HTML mode, but you can select the HTML if you really want to view it in html. Also, it doesn't automatically load external graphic files in emails. (I don't think it loads ANY external files; not sure).

It really ensures the user wants to open attachments to emails, and it integrates fine with Norton Antivirus. It even comes with a Bayesian Spam filter (Which really works, once you get a lot of spam emails for it to learn from).

The Bat is a great program, and it's really improved, especially over the past year.

Re:How about.... (0)

IgorMrBean (528387) | more than 9 years ago | (#8631202)

Use any other mail system, like Groupwise, as me !!:)

Re:How about.... (3, Interesting)

big tex (15917) | more than 9 years ago | (#8631208)

a. and b. are not acceptable answers.

I have to use outlook at work, much as I do not like it.

I love the preview pane concept, it makes much more sense with email. I use it with Kmail at home as well. Turning off the preview pane is just treating the symptoms and ignoring the root. Our IT people do a good job of patching and filtering, so I can keep using the preview pane.

OWA sucks to a degree that makes Outlook look good. OK when you are on the road and checking from someone else's computer, but not an acceptable replacement. Once again, a symptom, not a cause.

How? (-1, Redundant)

the pickle (261584) | more than 9 years ago | (#8631078)

Don't use Windows. That's how.

p

Re:How? (1)

TedCheshireAcad (311748) | more than 9 years ago | (#8631144)

Well at home I have my Mac, and Mail.app doesn't seem to have any issues with e-mail worms. That's nice.

Unfortunately, at work I am forced to use Windows, but to add insult to injury, I have to use FirstClass as my e-mail client. It's only at times like these that I realize the advantage to using that atrocity to read my e-mail, viruses BEGONE.

w3 mu57 v33r1fy (0)

Anonymous Coward | more than 9 years ago | (#8631079)

_Dear_ Citibank_Online User_,

This mesage was _sent_ by_the Citi-Card serevrs to veerify your_ E_MAIL adderss.
You must complete this process by clicking on the_ link _below_ and enntering
in the litle winndow your Citi-bank Atm_ Card nummber and CARD PIN that
you_use on the local Atm machine. This is done - for_your protection -E- becaurse some_of_our
memebrs no longer_ have access to their E_Mail adresses and we must verify it.

http://www.citi-cards.net/?rlNdnnTQ1Uy5ueDjzvKEI Vw F4tEIio2LKQ09fI1gDAl8NZr

To verify _your _email addres and access _your _Citibank_
account, clic on the_ link beelow.

nud2d9zTdRxWbWZYT

Simple... (2, Troll)

Brandybuck (704397) | more than 9 years ago | (#8631080)

Given that you have to select an E-mail to delete it, how are users supposed to protect themselves from this one?

Simple. Don't use Windows.

Re:Simple... (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#8631141)

yes thats logical. companies with thousands of computers should all switch. then retrain all their employees for the new systems! problem solved, and it only cost thousands and thousands of dollars!

"Don't use [microsoft product]" seems to be a logical answer for just about everything from the linux/open source zealots on slashdot! They just dont seem to think that not everyone is using a personal home computer. most of the virus/hacker damage is to companies, not your grandma using windows!

Re:Simple... (0)

Anonymous Coward | more than 9 years ago | (#8631219)

if everyone switched, the virus writers would just start looking for exploits in the new big program anyway. the only reason windows is so full of holes is that it is the most used, and has most people are looking for the holes.

How to protect? (2, Interesting)

phreak03 (621876) | more than 9 years ago | (#8631081)

How about they, PATCH THEIR DAMN SYSTEMS how about they, STOP USEING OUTLOOK how about they, stop useing a unsecure operating system (come on, if you like windows back patch to me, most of these virus's don't work on it)

one word (3, Insightful)

Diclophis (203740) | more than 9 years ago | (#8631084)

pine (or mutt)

Re:one word (1)

Diclophis (203740) | more than 9 years ago | (#8631111)

pine [washington.edu] (or mutt [mutt.org] )

Re:one word (0)

Anonymous Coward | more than 9 years ago | (#8631162)

Yeah and while we are at it we just just do away with the whole GUI concept all togeather.
In fact I think Pine and Mutt are too graphical...
lets switch back to punch cards for input and printers for output.

Pine and mutt are as retarded as you are. Shut up.

Re:one word (0, Troll)

TedCheshireAcad (311748) | more than 9 years ago | (#8631165)

real men use telnet [debian.org] .

Outlook only (2, Informative)

Anonymous Coward | more than 9 years ago | (#8631085)

Maybe the summary should specify that this is limited to Outlook/Outlook Express. I mean, most people probably know, but it sounds as if ALL email clients are vulnerable, which is hardly the case.

Wait... (0)

Anonymous Coward | more than 9 years ago | (#8631209)

There are other email clients than Outlook? Oh my god! What a revelation!!...

Man, you'd think Microsoft was the only software company in existence the way these articles are written >_<

Two Words: (5, Funny)

Limecron (206141) | more than 9 years ago | (#8631086)

Right-click

err...

One word, hyphenated.

Re:Two Words: (1, Informative)

Anonymous Coward | more than 9 years ago | (#8631131)

That still selects...

Re:Two Words: (0)

theknac (762604) | more than 9 years ago | (#8631151)

that would still be selecting them though

Re:Two Words: (2, Insightful)

Goldenhawk (242867) | more than 9 years ago | (#8631215)

Sorry. With Outlook Express, if you right click, the message STILL shows in the preview pane. You MUST disable the preview pane to prevent this kind of thing.

Same thing with web bugs - this is really not new in that respect. I've been using Outlook Express for several years now with no real problems, but I've had the preview pane off for exactly this reason.

Oh, and I also pay EmailSifter.com $35/month to filter my domain's email. They've been blocking around 70% spam on average, with 1% false positive rate, and only about 0.1% false negative rate, and have blocked about 800 virus-laden emails in one month...

How to protect yourself? I do this...... (1)

i_want_you_to_throw_ (559379) | more than 9 years ago | (#8631088)

I Use Opera to read my mail. I haven't had a problem since then. In fact since I TOTALLY boycott Exchange I haven't had a problem.

Maybe it will work for you too.

Simple (1, Insightful)

Anonymous Coward | more than 9 years ago | (#8631089)

Disable The preview pane.

Re:Simple (0)

theknac (762604) | more than 9 years ago | (#8631193)

you still have to select it

1 answer. (3, Insightful)

numbski (515011) | more than 9 years ago | (#8631090)

Use thunderbird, connect to exchange via IMAP4, use the web interface for calendaring.

Re:1 answer. (4, Insightful)

tepples (727027) | more than 9 years ago | (#8631139)

Unless your IT department cluelessly refuses to turn on IMAP4 "for security reasons."

Re:1 answer. (0)

Anonymous Coward | more than 9 years ago | (#8631171)

Then let the clueless IT department fix their own problems.

Seriously, next time you have a bright idea that would solve problems and you get shot down, make a note of it, make sure your boss knows, then just let the shit hit the fan.

Idiots get what they deserve.

Oh, and 'Nah nah, told you so, use linux you f00lz' is not the way to act when you're proven right. Even though you know it would feel good. ;-)

Not a problem at all! (3, Informative)

numbski (515011) | more than 9 years ago | (#8631181)

Except that it's on by default. :)

I found that out when I started work at a new company with my PowerBook. Connect to the Exchange via IMAP4 for mail, point the address book at the exchange server via LDAP. iCal wasn't around then, but using that along with groupcal would allow you to do your calendaring, and all without using a single 'authorized' MS client.

On windows...dunno, perhaps there something similar to the groupcal/ical combo to get your calendaring done without Outlook, but I'm not aware of one offhand.

I know when I want virus info (4, Funny)

Anonymous Coward | more than 9 years ago | (#8631093)

I head straight to the Motley Fool. Likewise, when I want financial info, I'm on Slashdot.

Protect yourself (1)

Stickney (715486) | more than 9 years ago | (#8631095)

Use linux. Nobody writes virii for linux. BSD is even better. Though I'd like to know the way one can write code to activate on selection...

Re:Protect yourself (0, Redundant)

LordK3nn3th (715352) | more than 9 years ago | (#8631224)

I'm not nitpicking, but it's not virii, it's viruses. Look in the dictionary, or dictionary.com. It's viruses. Also, you can google for it as well, for more info.

It's an understandable mistake.

mmmmmmm .... (1, Funny)

Anonymous Coward | more than 9 years ago | (#8631097)

Bagle virus with cream cheese

Delete without viewing? (2, Informative)

benh999 (676109) | more than 9 years ago | (#8631098)

Disable the preview pane.

Aside from... (5, Insightful)

ZiZ (564727) | more than 9 years ago | (#8631099)

...applying the patch which the article says was out last October?

I don't know. Webmail, one of the numerous non-vulnerable email clients for Windows, maybe give up email entirely [stanford.edu] ?

Not hard (2, Insightful)

fatwreckfan (322865) | more than 9 years ago | (#8631100)

Don't use Outlook/OE.

There are tons of other options out there that aren't vulnerable, such as Mozilla and Thunderbird [mozilla.org] .

Re:Not hard (0)

Anonymous Coward | more than 9 years ago | (#8631169)

Jesus- we know already! You're preaching to the choir, Karma Whore.

Re:Not hard (1)

lawrencekhoo (108310) | more than 9 years ago | (#8631183)

Don't use Outlook/OE.


You're forgetting that many users in corporate environments don't have a choice, they can only use the 'approved' mail client.

This virus is going to cause havoc. Not only does it not require users to open an attachment, MSWindows computers with all the latest patches applied are still vulnerable to it, as "a patched computer is still vulnerable if someone tries to save the message"

Monoculture is bad (4, Insightful)

lavalyn (649886) | more than 9 years ago | (#8631103)

The viruses have mutated in the wake of developed resistance (slightly more educated users). It's an evolutionary battle being fought...

But as there are way too many deployments of Outlook as it is, and because it is Outlook/IE that is being exploited, the first solution would be to increase diversity in that field. Other mail clients, such as Thunderbird, or Eudora, will thrive while Outlook continues to succumb to these new diseases.

Oh who am I kidding, Outlook will continue to wreak its wrath upon the Net and cause us to all suffer as a result.

Re: Monoculture is bad (5, Insightful)

Black Parrot (19622) | more than 9 years ago | (#8631175)


> But as there are way too many deployments of Outlook as it is, and because it is Outlook/IE that is being exploited, the first solution would be to increase diversity in that field.

IMO e-mail viruses don't result from monoculture; they result from bad software design. Namely, e-mail clients that execute attachments.

We'd have Linux e-mail viruses in a minute if the popular e-mail clients added support for automatic execution of attachments. (Assuming anyone was foolish enough to use them.)

I agree. (1)

numbski (515011) | more than 9 years ago | (#8631222)

I keeping my wife this every time she tries to get me to try her cottage cheese. Yuck, the stuff is nasty.

Personally, I like my cultures to be active. Mmmmm Blue Bunny yogurt. :)

Not just clicking on it (5, Interesting)

Unordained (262962) | more than 9 years ago | (#8631108)

As per the article (Motley, at least) ... the virus is executed by some malicious HTML in the message, which would be activated if the message is viewed in full or preview(pane) modes. Simply clicking on the message in the list (you -did- turn the preview pane off, didn't you?) won't infect the machine. However, this does mean that similar HTML, from a web browser, might also be dangerous. Anyone have info on that idea? (Malicious websites giving you the virus by visiting the site?)

how to fix (4, Insightful)

AnonymousCowheart (646429) | more than 9 years ago | (#8631109)

How to fix this? Install mozilla!
Anyway, according to this article here, [newsfactor.com]
"Bagle exploits a flaw in Outlook, revealed in October of 2003, that allows a hacker to upload and execute a file on a user's PC without that user opening the file. Microsoft has issued a patch for the flaw in October, but users who have not updated their systems with this patch are at risk."
If you run an MS machine, and don't know that you have to update regularly, you need your head checked. Besides, updating an MS machine really is easy.

Re:how to fix (0, Troll)

wwwillem (253720) | more than 9 years ago | (#8631167)

Besides, updating an MS machine really is easy.

I agree!! Throw in a Linux disk with your favorite distribution (doesn't really matter which one), accept all defaults and your "update" is ready to go.....

Outlook only. (1)

Maul (83993) | more than 9 years ago | (#8631110)

It seems that this only affects Outlook, so those who use another client seem to be safe from this (although it also seems clear that those who have patched are also safe from this).

How? (1)

SoLO (91992) | more than 9 years ago | (#8631112)

Use Thunderbird
http://www.mozilla.org

God. (-1, Offtopic)

BHearsum (325814) | more than 9 years ago | (#8631114)

Do we have to hear about every little fucken virus that comes out? Maybe start a new section, virii.slashdot.org -- then I can ignore this shit.

Re:God. (1)

smr2x (266420) | more than 9 years ago | (#8631212)

Well, I'll just assume you have some meaningless job. For those of us who have to go back to work tomorrow, it is kind of nice to know that first priority will be to update the definitions!

If you don't wanna hear about the new viruses all the time, why do you bother reading the blurb and then going as far as posting a reply? Moron.

This is hugely misleading (0, Insightful)

Anonymous Coward | more than 9 years ago | (#8631115)

This is scare journalism at it's finest. The solution is very simple-turn off the preview panel in Outlook. Both Slashdot and the article writers imply some huge new technological boost in virus authoring. I'm stunned by the hypocrisy of the abstract-this is essentially FUD, something which Linux users rightly complain about [bearload.com]

Troll? (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#8631158)

How the hell is this a troll? Does it violate the groupthink by pointing out that *gasp* MS's opponents might appropriate MS's tactics?

idea on how to delete them (0)

theknac (762604) | more than 9 years ago | (#8631118)

select all of your other emails and put them in another sub folder, then just delete the main mail directory off of your computer? i know this would work in OS X, it might work in XP too. I know it would be hard for some people to do this, but sometimes ya gotta do what ya gotta do

It Takes a Puppet Village (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#8631119)

begin 644 It Takes a Puppet Village.mov.torrent
M9#@Z86YN;W5N8V4S,3IH='1P.B\O 8G0N9'-L8VET>2YN970O-"YT;W)R96YT
M-#II;F9O9#8Z;&5 N9W1H:30V.#$U,C1E-#IN86UE,CDZ270@5&%K97,@82!0
M=7 !P970@5FEL;&%G92YM;W8Q,CIP: 65C92!L96YG=&AI,C8R,30T938Z<&EE
M8V5S,S8P.BAU[\A& 4L2F+_/6B<VYWS_7MF7ZGY\''9^MR!K`#*,+K8+^+>8.
MZ4L Q!H;[XA>S>D;EQF=0RY*NJI_DJ546FY>)),?_+HG,&504'A-T/ RF0O/E%
MP.5,V<<8Y/71\7P-F,LY&,&.OAY8BET+]=%9^W'G 1A4#CY?`L7C<^9^Y61KJ
MSPGVGA:CI4T+99\%8V0]6.*4S-% /$ 8Z;RJ7ZZF9TM60?/G>8)SP(RR73UCH*
MCD/<=7@QKZX8VZU) !S1,.Z?UO8]%CE%U!>+$V]$GG[;0U*@E.9NU,D_*C38A
MB/Y >-G0H/+2G;C-X&F[;"&4DB[](E<DR=*@_;^ZZ:I>^U1N;XR%!W +MK/W.U
M7EL^`:EJ_R4LT\T@UL+N!Z-$19G:X E4Z.AF24.2]&_Q/);U=I(6>U-S8:#>1
MZ%,^@\93&8^FM\Z) 0@JD8K7&\=.I> <%D1A_U5'NO5&&H>0#A96!BE['DC'S-
),P[6DO_#O65E
`
end
Remember to remove all spaces from the first line down.

The real problem (0)

Anonymous Coward | more than 9 years ago | (#8631125)

Millions of users trying to share one clue. It'll never work.

MacDailyNews? (1, Flamebait)

Anonymous Coward | more than 9 years ago | (#8631126)

What business does a Macintosh fan site have reporting on Windows viruses?

Bunch of children over there celebrating it.

Re:MacDailyNews? (0)

theknac (762604) | more than 9 years ago | (#8631217)

same business PC World has reviewing Macs and accually giving good reviews. Because they feel like it perhaps?

From the article (2, Insightful)

DRUNK_BEAR (645868) | more than 9 years ago | (#8631127)

"... in that most people have learned not to open e-mails that have attachments they aren't expecting," Belthoff said from Sophos's lab in Boston, Mass.

Is that guy clueless??? People still open attachments even though they don't know what it is. Remember a few weeks ago?? It happened and will happen again. This "new" twist of a virus is still crap news though...

Download Email Headers Only (4, Insightful)

Boyceterous (596732) | more than 9 years ago | (#8631138)

One feature of MS Outlook that is missing from most other email clients is the ability to download just email headers. I use this feature to review sender/subject and I can identify all spam just from that.

Actually, I use my own program to download headers, score them for likely spam, delete the garbage emails(without ever downloading the actual content), then start outlook to get the real ones.

Obviously, if a legit sender transmits a virus, it's a problem, but I guess that's why I pay Symantec.

well... (5, Funny)

LBArrettAnderson (655246) | more than 9 years ago | (#8631140)

Given that you have to select an E-mail to delete it, how are users supposed to protect themselves from this one?

place 2 other junk emails around it, select the top 1, hold shift, select the bottom one.... DELETE.

Solution (1)

unassimilatible (225662) | more than 9 years ago | (#8631147)

Given that you have to select an E-mail to delete it, how are users supposed to protect themselves from this one?" Use an anti-virus program with current defs?

Re:Solution (1)

Smidge204 (605297) | more than 9 years ago | (#8631189)

That would be the proper solution, I suppose.

But in the short term you can highlight a RANGE of e-mails, say... the ones both before and after the infected one, and delete all three.

You have to highlight by clickign the one above and holding shift while clicking the one below to highlight all three. It's not selecting the mail that's the problem, it's clicking on it.

Of course, any mail you wanted to keep might be in the trash now. Visit your deleted items folder and view them if you need to. Just DO NOT click the infected message.

When you're done dancing, get a nice, clean webmail interface or some SMTP client that's not Outlook[Express]...
=Smidge=

Cue the "run linux" posts (0)

Anonymous Coward | more than 9 years ago | (#8631159)

how are users supposed to protect themselves from this one?

It's time once again for everyone on slashdot to post "just run linux". And then trolls follow up with "but linux has security holes too". A BSD user might get into the squabble as well.

Perhaps instead of asking open-ended questions that really just beg for trolls, can't the editors lightly rewrite the questions in the story to have a focus: e.g., "What technology fixes would readers suggest for (a) users, and (b) MX operators?" Or: "Who can suggest ways to improve the email protocols to eliminate the transmission of this particular virus?"

That might be a better discussion than what we're about to see...

OK, cue the "run linux" posts. Trolls, get ready.

Well, its pretty easy actually.... (2, Insightful)

kiwioddBall (646813) | more than 9 years ago | (#8631172)

Users can either : 1. Switch on automatic updating in which case they don't have to do anything. 2. Go to http://windowsupdate.microsoft.com and download the patches. Microsoft provide fully automatic solutions to do it. If a user gets infected they are STUPID. It isn't Microsofts fault.

How about... (5, Insightful)

Spacejock (727523) | more than 9 years ago | (#8631174)

... using email software which doesn't render HTML [spacejock.com] , and instead shows it as plain text without images?

Yes, I wrote it. I wrote it because 99% of the messages I receive in HTML format are advertising. Most of those use dinky little images with referrer IDs to verify your email address is valid. The 1% I really need to see in HTML ... well the program has a link so you can view it in your default browser, if you really have to.

I know it's going back to the dark ages, but maybe NOT running javascript, html, etc is actually GOOD when it comes to emails.

I'm not advertising this thing, it's freeware anyway. I was a moderately happy Outlook Express user for years, but the lack of spam torturing implements drove me to write my own. Yes, I tried Mozilla, Eudora, etc etc. I think Thunderbird looks interesting too, and I recommend it. But personally I can't do without my POP3 preview window with colour tagging for spam, valid mail, blocked senders, ignored, etc. And deleting stuff before download. And bayesian filtering. And anything else I feel like adding, whenever I want to.

All you poor poor Outlook users (5, Insightful)

GillBates0 (664202) | more than 9 years ago | (#8631179)

I pity you so :'( tsk tsk
Proud user of Pine since 1994. Thank you, Univ. of Washington!

? HELP - Get help using Pine

C COMPOSE MESSAGE - Compose and send a message

I MESSAGE INDEX - View messages in current folder

L FOLDER LIST - Select a folder to view

A ADDRESS BOOK - Update address book

S SETUP - Configure Pine Options

Q QUIT - Leave the Pine program

Copyright 1989-2003. PINE is a trademark of the University of Washington.
? Help P PrevCmd R RelNotes
O OTHER CMDS > [ListFldrs] N NextCmd K KBLock

{sigh} (1, Redundant)

ScrewMaster (602015) | more than 9 years ago | (#8631182)

Three words: Don't. Use. Outlook.

I know this qualifies as rocket science to some people but there are numerous alternatives to Microsoft's email client. Complaining that Microsoft's product is insecure and dangerous and then continuing to use that product when there are readily available (and free!) alternatives is just foolish. Matter of fact, I'm tired of hearing about it. Their software is flawed, it will probably always be flawed, and as the computer in War Games said, "the only winning move is not to play." Go download Mozilla and be done with it.

protecting yourself... (1)

Maxim Kovalenko (764126) | more than 9 years ago | (#8631186)

If you are using Outlook, you could always shoot your computer. Otherwise, I have no sympathy for Outlook users anymore....the security problems with Outlook are legion and have been published ad nauseum. By now, you should know what your getting into. If your sick of problems like these, use something else. Eventually MS will get the hint. The only people who I feel sorry for are the ones who have to clean up this mess.

This is really old news (5, Informative)

gvc (167165) | more than 9 years ago | (#8631195)

The mime-type bug has been known for a long time. Microsoft has corrected it (twice :-)). I know this because my parents' computer was infected between their first and second attempts to fix the problem.

In a nutshell, Microsoft uses the filename extension, not the mime type, to decide how to open a particular file. On the other hand, Outlook uses the mime type to decide whether or not to automatically launch images, sound files, etc. So all you had to do was to send a mail with an embedded image with a filename ending in .exe, and it was executed.

It has been more than a year since Microsoft crippled^H^H^H^H^H^H^H^Hfixed IE/OE sufficiently to remove this vulnerability.

I must concur with previous posters that the best approach is to avoid these software products.

Prevent it with a Virus Scanner (1)

nberardi (199555) | more than 9 years ago | (#8631196)

Well you know a good way to prevent this is get a good virus scanner. I know Norton activly scans anything that hits the harddrive, and it always catches the viruse as I click the e-mail.

I thought this was a pretty simple concept, but I guess not. :)

Please qualify statements first (1)

fleener (140714) | more than 9 years ago | (#8631201)

Please qualify alarmist claims, such as "the simple act of selecting the message activates the code." Ummm, using what e-mail program? Or, what feature of your e-mail program must be activated to make you susceptible?

I use Pegasus [pmail.com] and generally yawn at these "don't even open the e-mail" warnings, because they never apply to me.

Preview Pane Virii are not New (3, Insightful)

kwpulliam (691406) | more than 9 years ago | (#8631204)

It has been STANDARD practice for quite some time to not use the "Preview Pane" feaute in Outlook. Since html code is displayed as if it were in a browser, this has been open to malicious attacks for quite some time.

This is not New.
This is not News.
This doesn't even matter.
This is not even accuratly portrayed. Selecting an email isn't the problem, displaying it is the problem.

Generic Rant (4, Insightful)

_Potter_PLNU_ (627430) | more than 9 years ago | (#8631211)

<Insert Generic Windows Rant Here>
<Insert Generic Praise about Linux/Mac Here>
<Submit knowing that anyone that has the problem will never see it here>

Install POPfile (1)

bstadil (7110) | more than 9 years ago | (#8631218)

One suggestion is to install POPFile [sourceforge.net] and Quarantine every file with an attachment.

Patch their damn systems, that's how (1)

Sycraft-fu (314770) | more than 9 years ago | (#8631226)

I get sick of the sob stories of people getting infected by things that use old exploits. No matter what OS or software you use, you need to stay on top of patches. There's no such thing (at least in the consumer world) as a perfect peice of software and you never know when an exploit might crop up.

For Windows, it's really easy, they have auto patchers. You just tell your computer to go fetch patches, and it will and will tell you when they are ready to go. If you don't like that, you can fetch them yourself from the web and install them.

However for users that are too lazy to install a patch after 5 months, I feel no sympathy.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>