Slashdot Mirror
Virus Piggybacks Microsoft Mail Worm
metacell writes "A virus (a version of the Chernobyl virus) infects an email worm executable (the Klez worm), and is spread along with it. "
It's a damn good *delete* thing that Microsoft has been *delete* spending the last few weeks
doing a *delete* security audit *delete* of all of *delete* ah never mind. My wrist hurts
from deleting over a meg of mail worm viruses a day.
Hmm, maybe Microsoft could just disable scripts in their email software? That sounds like a good option.
No one uses Outlook macros anyway, except worm writers. It's common sense that I don't want any software, not just viruses, automatically sending email without my consent or confirmation (or even knowledge!)
It is still unpatched, right? Otherwise your submission just looks like stupid MS bashing.
Now that someone's thought of infecting a virus with another virus, when will a white hat think of infecting Klez with some sort of antivirus. Let Klez think its doing its work, but don't actually delete the files its trying to delete. Then, a few weeks later, have code that just shuts down the Klez virus altogether.
Since Outlook is propogating virii, it is responsible for electronic havoc. According to the new legislation, that classifies Outlook as an electronic terrorism program. Ok, so I'm dreaming, but wouldn't you love to see SWAT teams breaking down doors to sieze copies of Outlook?
I am !amused.
Just deleted this klez mail:
Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files.
Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it.
We developed this free immunity tool to defeat the malicious virus.
You only need to run this tool once,and then Klez will never come into your PC.
NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it.
If so,Ignore the warning,and select 'continue'.
If you have any question,please mail to me.
Ofcourse, an infected file was attached with the mail..
Why isn't there a version of Evolution for windows? It's great software - I'd pay for it if it wasn't free. And, NO VIRUSES!!!
Unitarian Church: Freethinkers Congregate!
Alright. I've been in the field for some time but have never really pursued this: What other options for email clients do we HAVE besides Outlook/Outlook express in a windows environment?
I'm pretty sure that Eudora is still around, but what is out there for windows-based, user friendly software? It'd almost be worth the switch just to avoid all these damn Outlook-friendly virii.
Because, there hasn't been an Outlook patch kicking around for some time now. And because no open-source software has bugs. Ever.
So, in short, there's two lines of Microsoft bashing there, accompanying a really dull story about a virus that no AV software has any trouble detecting?
Must be the slow season I guess.
Score:-1, Funny
no mather how good a patch is, some people will always remain unpatched/unupgraded. And some of those people also gets viruses and everybody gets irritated by that, I mean, everytime I check at someone's else's PC it ain't patched.
If at first you don't succeed, then sky diving definitely isn't for you.
I use outlook
I have done for many years
I like the interface, its easy to use, and I'm used to it
However, in the past few months I have been recieving more and more viruses and it has seriously made me reconsider my position... Last week alone my virus scanner blocked atleast 50 virus infected emails
I never open attachments, I have the preview pane turned off, I have outlook set to use the restricted zone for emails, I have norton scanning every email I get - but just yesturday I got an email informing me that I'd sent an infected mail out...
I will almost certainly be moving away from outlook within the next week just to get away from it all
Legislation containing the language "BWUHAHAHAHA", while not specifically prohibited by the Constitution, has historically been held in disdain by the Supreme Court.
Karma: Good (despite my invention of the Karma: sig)
its not that hard
allspam folder grows and the sensible people who dont send you worms + virus because they use a decent mailer dont get abused
simple why are you haveing such a hard time ?
ah you must run outlook or be unable of adding filter rules OR even asking you local sysadmin to do it for you all of which mean your a moron
regards
john jones
The BEST virus spreader evern invented... The sad thing is, it doesn't MATTER IF MS fixes it, there are so many millions of the "take me in the ass, script kiddie" versions of Outlook and/or IIS running on 2000/NT and 9x workstations owned by users with no clue as to how to patch their systems that this will be a problem for YEARS...
I'm telling you, software makers NEED liability. It's the only way we will ever have responsible programs released. Right now, software makers can get away with selling products that have defects in them on the order of ones that if they were in cars, would send Ford or GM into receivership.
These e-mail worms would never be able to spread in this way if it were not for defects in Microsoft products.
Until software houses are FORCED by liability that can't be EULA'ed away, there will never be wuality control.
=== The price of freedom is eternal vigilance
While it seems a little draconian, holding individual users liable for viruses that spread via their machines makes sense to me. I'd liken it to automobile collisions--if your failure to properly control your car on the road leads to someone else's property being damaged, you get sued. After all, the owner/operator of a computer, even a home PC, does have the ability to prevent their machine from becoming a vector--if not by picking secure software, then simply by disconnecting the machine from the Internet.
If the incentive existed, individual users would tend to take more responsibility for what moves through their computers.
And sure, most people with PCs and email today don't have a clue about virus transmission, but why should that be an excuse to let their irresponsible behavior cause damage to everyone else? Either get a clue, or leave the net to people who have one.
Procmail is your friend. As soon as I get more than 4 or 5 copies of a spam / worm / virus, it gets a procmail rule to autodelete it. Simple, really...
"The invisible and the non-existent look very much alike." -- Delos B. McKown
So let's see. We have a worm. It's infected with a virus. Double your damage, double your fun... reminds me a little of flesh-eating streptococcus. Regular strep, you get a sore throat and a week or so of penicillin. Give that strep a virus, suddenly your arm starts melting.
Now what I want to know: is this train wreck a coincidence or has someone been cross-breeding?
/Brian
Blaming Microsoft is fashionable here, and, IMHO, encourages people who write viruses that attack MS products (one of many factors, but I suspect it is a major one). However, just because someone leaves there car unlocked does not mean they are at fault should they get robbed.
I'm not saying that better security should not be implemented. However, by simply saying it's MS's fault is simply condoning the virus-writers. Let's make them the pariahs.
The notes about releasing a benivolent virus that locks down Outlook features reminds me of the movie "Brazil," where there was a character that clandestinely made repairs to the failing infrastructure. The "legitimate" repair people never fixed anything; they stalled with paperwork and broke more things than they fixed. On top of that, numerous products were advertised and sold that just put pretty paint over the top of the flawed plumbing, instead of actually improving anything. To top it all off, nearly everybody thought that the "official" technology worked fine, because they'd never experienced anything that actually worked _well_.
Life imitates art.
C'mon; you come to /. - surely you're savvy enough to manage that. And surely you didn't expect sympathy from the crowd here :P
Now I dislike MS as much as the next man, but let's not blame them for all virus emails.
.EXE files that are sent by email. Clueless users double click on these because they are...well...clueless, and think that they are games/pictures/nudey photos of Kournikova, whatever. This activates them, and allows the worm to read the address book and either use Outlook or its own SMTP routine to send itself to all the people in the address book.
.exe, .js and .vbs extensions (plus some other little tricks) and this kills 99.9% of viruses stone dead. Either that, or get your user base educated enough to not blithely double click on everything they see.
Most (but not all) email virus/worms are Javascript, Visual Basic or
MS put the "double click" functionality in to make people's lives easier, and on the whole, they have. Outlook is very easy to use and this is one of the reasons it's so widespread (another being that it's very powerful, but that's going off topic). Combine this ease of use with how common MS Outlook is, and you'll see why virus writers write viruses for it. If some new Mail client became as popular, don't think for a minute that it wouldn't have similar viruses.
All that it takes to stop viruses like Klez is for the mail administrator to block attachments with
I'm not talking here about some of the rather more ominous security holes in Outlook - those that allow code to run by previewing the message - because anyone who hasn't patched that yet is a moron. And there are a couple of holes which MS should be hauled over hot coals for, but they aren't exactly the only software firm to produce insecure software.
Never mind the the Klez virus, those elaborate virus hoaxes are far more annoying because you need to educate the person that emailed you about it that it is in fact a hoax. One only has to look at the latest hoax that tricks user into thinking jdbgmgr.exe, the Microsoft Debugger Registrar for Java is a virus.
aus.music.scrapbook
I'm a half-owner of a small web development company in Ottawa, Ontario (Canada). When we discuss email with our clients (new and old) we *strongly* warn them about the dangers of using MS Outlook (well, MS anything, really). Many are dumbfounded to find out that all the viruses, worms and macros are targeted at MS software. We urge them to change to something else. We should all be doing this. The more users we can get away from MS Outlook, will directly translate into less trouble for ourselves because who do they call? Certainly not Ghostbusters. ;-)
Even if it means setting up just a few systems that don't use outlook, the next time around something clever and nasty is released, those systems won't get infected. Then we bring that to the attention of the PHB's (Pointy Headed Boss, for you non-Dilbert readers). Explain that because those systems weren't infected, it saved x hours.
Just about everyone that we have infuence with has stopped using outlook (with the exception of uncle Bob, but hey, thats his problem). Its saved us time and energy.
In a way, its our duty, as people in the know, to move them away from MS software. Why use software that is going to cause problems? Is Outlook so amazing that it is worth the hours of problems caused by virus outbreaks? I would say no.
I like the kind of software that you install, it works and doesn't cause any troubles.
Besides, migrating users to something else (Opera, Mozilla.. anything!) takes licencing bucks away from MS. ;-) And thats always a good thing.
It's ridiculously funny how email apps (outlook in particular) spread virii.
:)
Think back on a bunch of the copyright issues. Basically, one of the problems is that you are in trouble if your work can be used in illegal ways with great ease. Thats why napster got busted--the courts found that their system was often used for illegaly violating copyright laws, and that they didn't do enough about it (saying "Don't steal music != enough).
well, I am seeing potential lawsuits against microsoft here. Clearly their software is commonly used for spreading virii, and clearly they, too, aren't doing enough about it.
Suuuuuure. They say that security is a "focus," but nothing has really changed. So they obviously are condoning, even promoting, virus writing! Microsoft must be sued to stop them from spreading email virii. It's for the good of the country that this evil corporation must be kept from promoting the internet terrorism which costs taxpayers millions every year.
Just a thought to keep you smiling.
First of all, I did some calculations, and found that there are over 1600 different subject line possibilities alone with this virus! This takes into consideration the number of variable words within the subject lines, and doesn't even account for the number of different message bodies. All things considered, there are probably over 10,000 possibilities!
The second thing about Klez that I find interesting is the payload... You often get totally random files from people's computers (if they survive virus removal)... For example, one of my coworkers got the 2001 operating budget of her church, and was able to see how much everyone was paid, how much they blew on projects, etc... Opening your inbox is like opening presents on christmas morning... most of the stuff is pretty boring, but every once in awhile you open something interesting!
Okay, as a long-time Mac user and a reader of Linux sites like this, I know that Windows carries a massively larger burden of virii than other Operating Systems out there. Time and time again, I have heard it said that this is due to their market share - hackers want to be seen and thus make their virii attackers of the software that most people have. But this really rings hollow for me - the MacOS has always been relatively free of virii, as has Linux, as has BSD, as has AmigaOS, as has BeOS etc. This seems to imply that maybe aside from marketshare, Microsoft engineers (or marketting staff) are doing something wrong.
Let's take a constructive approach to this topic. With so many SysAdmins out there, what are the TOP TEN things that Microsoft (or any OS maker) can do to prevent virii? I am just a humble Business Analyst, but here are a few ideas that come to mind for me (I hope the coders will forgive my ignorance on some of the finer points):
10. Disable scripting in certain programs (e-mail) by default.
9. Automatically download security pactches to PCs if they are of a sufficient severity level (but put measures in place to make sure the same mechanism is not used to transmit virii/worms)
8. Auto-detect large numbers of e-mails being sent at once and alert users before sending
7. Make the default install for all systems the most secure install
6. Create a system to auto-report virus/worm infections to a central (independent) agency for monitoring (user-selectable kill switch for this functionality should be available tho)
5. Allow purchase of "health insurance" for PCs by Microsoft to reimburse for lost productivity/hardware due to infection - monetary incentive for MS to push quality and security
4. Create a module of the OS to track virus reports/alerts and display them in the taskbar - produces one trusted source for alerts and to decrease the effectiveness of e-mail hoaxes
3. Integrate virus alert into mail program for incoming e-mails - advise users when a known large-scale e-mail virus/worm is out there to decrease openning of infected mail.
2. Give sysadmins the ability to change e-mail setting for all users when a large-scale outbreak is going, to specifically turn off scripting, html reading, java, etc.
1. Provide a method for a daily audit of all processes running on a machine to identify all those not initiated by the user, and flag those taking part in suspicious activity.
Not sure if those are insightful or lame. But feel free to improve upon this list, ad infinitum.
So Klez works even by simply previewing the message and launches itself. It has its own mail sending engine, and forges the From: field to look like it's real. It also copies past Subject: fields to fool the recipient.
But this time, our little friend Klez has brought his little friend Elkern32. This nasty little guy infects executables on the infected computer, and is also network aware and infects files across the network. So even people who didn't use Outlook were infected. Some people had hundreds of infected programs on their computer.
And a cool thing about Elkern is that it can randomly overwrite a files bytes with all zeroes, while maintaining the file length. It can be nasty.
All this because no one updates their virus definitions.
Muerte
Why doesn't Microsoft, by default, disable scripting and in Outlook? This is where Outlook is weak at and where the root of all it's problems come from.
Otherwise, more viruses will just keep coming and coming.
You don't have to remove the functionality; just make it REQUIRE the script to be CRYPTOGRAPHICALLY SIGNED by a known entity, like the sysadmin.
Fucking simple solution, unless you wanna argue that clients should execute code from UNKNOWN and UNTRUSTED sources for some reason?
Belief is the currency of delusion.
Come on! Only a lame farker would think Strong Bad was funny.
Strange women lying in ponds distributing swords is no basis for a system of government.
Your wrist hurts? As in... you're using a mouse to delete mail? You use a GRAPHICAL email program???!!!
Oh. Oh Commander Taco. We thought you were so elite... (weep)
In a related note, a _meg_ a day? Who are all these losers that have CmdrTaco's email address stored in their outlook address book? When I sent email to slashdot, I telnet to the SMTP server directly and type it out, just so I can mock all the lusers who have to use pine.
Can't patch this! (stupid repetitive music) Can't patch this!
My wrist hurts from deleting over a meg of mail worm viruses a day
Yes, Taco, it is from handling your mouse that has caused your wrist trouble..
Yeah, sure.
I'm not a server admin by trade, so I don't get involved with mail server administration duties all too often. Can someone suggest some links to mail-server based AV software for Sendmail, Qmail, others?
I often end up providing "tech support" to those who know I'm a "computer guy". None of their hosts use server-based AV software, but I'd like to send them some links.
I only post comments when someone on the internet is wrong.
For as long as people keep insisting that sending spam doesn't hurt anyone cause they can just hit the delete key.
A patch to fix all of Outlook Security problems can be downloaded here
No I'm not trolling, but sometimes I wonder if the writers of Klez / Sircam et.al, were infact white-hats trying to show the average MS user to take security seriously and patch there machine!
Yeah, every office worker knows something about this "security thing" and how the boss said they shouldn't write there passwords down. But only when they start getting mailed other peoples confidential info will they sit up, take notice and patch, or so you would think! Maybe it backfired a bit.
Incidently, try setting your gnutella client to look for .doc .xls and other MS extentions. The number of idiots who have misconfigured there clients (installed on work machines) to share there entire hard drive is worrying. Wake Up!
Anyone quoted by a reporter knows how little they understand
Don't believe what you read is the truth.
I say this because it isn't the first time 2 viruses have bonded together. I recall many moons ago when a couple other viruses got together.
Viruses usually employ a mechanism to detect if a file is already infected, so they don't keep adding to the size of the file. One used a marker at the beginning of the file to decide if it was infected, one at the end. So the first virus infected the file, the second came along (modifying the beginning as per normal virus behavior, and adding it's marker to the end), then the first came along again and saw the file was not infected so infected it again. THen things stayed the same.
So it would show up as containing virus A, but you could not disinfect it properly, because it would just re-infect as soon as it was run. B wouldn't show up because B was actually a layer down.
On a side note.. the #1 thing that has reduced the number of viruses coming out of my office has been to ban the use of outlook/outlook express.
that Eudora is not user friendly or windows based?
We switched the whole company to Eudora for this very reason. It's good, yet somewhat obscure now and virus writers don't target it.
It's also much better at dealing with attachments, and doesn't corrupt mailboxes as often. It's easy to store years worth of mail in eudora.
Eudora.
Netscape communicator's mail client seems popular as well.
Weird thing is, I've been using Windows for years, and yet I never got a Windows virus. Maybe the problem is with the users, not just the software? The very few times a virus has even made it as far as my box (my ISP filters my mail) it gets clobbered by my AV.
---- Den ene knappen er powerknapp, den andre er Bender voice knapp "Bite My Shiny Metal Ass"
If some other email client becomes popular, then this same argument would apply to that. Although, often a program is popular for a reason, so personal preferences may make this argument moot.
That likely only applies to NEW shipping software - all that old vulnerable stuff out there will need to be 'updated' at something like $85 a pop or more - can you say "80 Billion in the bank" ?
It's always worked before....
try { do() || do_not(); } catch (JediException err) { yoda(err); }
This is really cool. From the article:
"As far as (Chernobyl) is concerned, the Klez worm is just another file to infect," Weafer said. "It's quite common to see piggybacking effects when you have worms that have been propagating for a long time in the world."
So it is likely not that someone was trying to make Klez worse, it just happened on its own.
That wasn't from deleting e-mails, it was from your viewing too much pr0n.
What's more nasty would be viruses which simply modify words and numbers here and there in documents.
Deleted
Okay, I may be playing the shill, but I'm not getting paid for it. I don't know if that makes me bad, or worse.
:)
Anyway.
Check out Intellisync by Pumatech. It's a third-party conduit manager for PalmOS and PocketPC platforms, and it can connect just about everything to everything else. The list of Groupware and Email apps it can sync your handheld to is just staggering.
And although it does have to authenticate to the mail server to retrieve email and calendar items and such, the actual email application does not have to be loaded. Nothing gets previewed. It just goes from the server to your handheld. Nice.
Of course, this does mean that if anybody comes up with a PalmOS virus that can run through an email, you're fscked. And syncing to another machine may help spread the virus. However, and least your sync station will be that much more secure.
GMFTatsujin
Hey, why not put an update for Outlook as payload and spread it around?
http://freshmeat.net/projects/quarantineattachment /
Enjoy.
I wonder if anyone has ever done a study on the amount of net traffic caused by a virus propagating itself. I would think that viruses that can replicate in exponential fashion will end up generating huge amounts of traffic, even if it is only a small text message and executable. To think of all that wasted bandwidth that could be used for important things like pr0n ;-)
metacell writes "A virus (a version of the Chernobyl virus) infects an email worm executable (the Klez worm), and is spread along with it. " It's a damn good *delete* thing that Microsoft has been *delete* spending the last few weeks doing a *delete* security audit *delete* of all of *delete* ah never mind. My wrist hurts from deleting over a meg of mail worm viruses a day.
Maybe you should tell the people on your contact list to stop opening attachments (or at least get the latest patches). Microsoft is all but Moron proof.
linux machines get hacked into every day. Is it a linux flaw? no...it's a user flaw. So why should Microsoft be nay different? Maybe because they're against open source?
There's a JavaMail provider that does the same thing. So any Java mail client will be able to do that as well. Mulberry would, though I don't like Mulberry's user interface.
Incidentally, if you do find a good Java mail client, I'd love to know. I don't use HotMail, but would like a mail client that's cross-platform, developed with a UI I could realistically modify (Swing is easy!), and fundamentally immune to buffer overflows.
Since MS created the breeding ground for these viruses.. maybe we should forward all of our virus-alert messages to microsoft... like billg@microsoft.com, or abuse@microsoft.com
-- You can't idiot-proof anything, because they're always coming out with better idiots.
I'm telling you, software makers NEED liability. It's the only way we will ever have responsible programs released. Right now, software makers can get away with selling products that have defects in them on the order of ones that if they were in cars, would send Ford or GM into receivership.
I'm concerned that attaching liability to software will send a chill through the software development community, especially the free/open source software projects. Large corporations might have the resources to insure against and pay liability claims. Individuals developing software in their free time certainly do not.
In my opinion, writing software is an exercise in freedom of speech, and deserves the same protections afforded to other forms of speech. If I make my speech available to others, under the condition that they accept responsibility for all damage that may occur as a result of its use, I believe that is reasonable.
A few thoughts...
1. Perhaps the burden of non-EULA-immune liability should only be attached when a piece of software is designed to transport, support or safeguard human life, and has failed to meet specific safety standards. Otherwise, I believe you're opening up a huge can of worms, in the already litigious American culture.
2. Software developers and vendors should have the right to dictate any other terms for licensing their software, including limitation of liability, waiver of warrantee, and "as is" delivery. Users and consumers are free to decline to use any software whose licenses are not acceptable to them.
3. Some free software developers have already stopped releasing their software, citing concerns over liability. Broadcast 2000 is one example I am aware of. This is a concrete example of the chilling effects liability can have on software development.
4. People are free to choose software platforms that are more stable, reliable and less prone to being exploited by viruses and worms. If they persist in using unsecure platforms, and take no steps to protect themselves (e.g. antivirus software), they shouldn't be particularly surprised by the outcome.
5. Those who purposely unleash viruses and worms on the Internet with the intent to do damage should be answering for their actions.
</rant>
My car gets 40 rods to the hogshead, and that's the way I likes it!
Then again, with the grammar and spelling skills on display around here, maybe most /.ers don't count as "native English speakers".
;)
So basically you are suggesting that Microsoft rewrite Windows such that it only runs software written in .NET.
This would cause 80,000+ applications to cease functioning, the net effect being not a single user would buy this new OS and use it because none of there existing software works.
Microsoft, even with their monopoly, could not force this down users throats.
Your solution is completely unworkable and shows a strong disconnect with reality.
The auto-preview/run exploit is a PRE IE 5.5 SP2 issue.
That's right. The auto-launching EXE exploit only affects people:
a) Running Outlook Express
b) Running a version of IE before 5.5 SP2.
Considering that IE 5.5 SP2 is VERY old as it is, people who are still using 5.1 or 5.5 initial release haven't bothered updating their software in years--let alone worrying about security patches.
Microsoft can make as many patches as they want, but if people don't install them even given the opportunity of two years, what can you do?
(BTW, I'm not saying that later versions are immune. Just that they won't be auto-infected. All it will do it pop up an Open/Save dialog box at worst...of course, someoen can still run the EXE if they're stupid and get infected.)
-Jayde
What's a sig?
I think that's a pretty strong reading of what I'm suggesting. Quit yer trolling.
.NET, or any other particular framework. I'm just saying that auto-executed programs should be sandboxed. Let MS figure out the best way to make that happen.
I'm not advocating
Now it's true that, since Microsoft didn't architect for this from the start, it's going to be pretty hard for them to make the switch now. And it going to be very hard for them to figure out a migration path that doesn't make like difficult for those 80,000 apps. That's why their new commitment to security isn't going to change things overnight.
But these changes do happen. Though it was bumpy and painful road, they managed to get apps to switch from a DOS-based to a Win-based system, and then to the NT architecture. In another five or ten years, they may have actually managed a switch to a secure platform!
Sure, deleting these emails is a pain, but it's a lot less time-consuming than giving everyone your advice!
That means that hackers would have as much success in hacking FreeBSD or other BSDs, or even Linux.
Don't really how often that happens, but it doesn't sound like idiots can hack *nixes very often.
Vos teneo officium eram periculosus ut vos recipero is.
When those same people regularly bring things that are proven to be dangerous into their homes and they are often ambivalent or even supportive, to say the least, about products which have been statistically shown to lower life expectancy. They will rise up against the laws requiring safe operation of a product and cry "They are taking my liberties away!" Why should (l)users behave any differently when it comes to software? (And for that matter, is it fair to hold software companies to some higher standard of conduct, when other clearly defective products get special legal protection?)
I agree, the script kiddies and software authors are both culpable - but the idiot users aren't exactly innocent. People use Outlook for the same reason virus writers do - because it's easy, and to hell with the consequences.
Everyone will start to cheer when you put on your sailin' shoes.
I don't use outlook but my wife does. What I find so amazing is that Microsoft can still let this happen after it has happened so many times before. I know it is easy to procure a patch that will fix this problem....But what about the last patch that I applied the last time an "outlook" scripting bug decided to reak havoc on the rest of her system? Why did not that patch disallow any arbitary executing of scripts or programs just by viewing an email in the preview pane? Did they only patch it good enough so that that the current virus of the day would be stopped --- but leave it open for future virii to get in through the same door....different angle. Why were they not smart enough to notice the symptoms the first 50 or so times and somewhere cure the disease along the way? And yet many (not mine) fortune 500 companies still use this software? What a joke -- these are the same companies that screan applicants backgrounds, and have 50000 processes in place to protect other business interests -- yet continue to use software that is like a ticking timebomb that is going off on a weekly basis.
(+1 Funny) only if I laugh out loud.
I thought those were deleted explitives, that I was mentally putting back in. Makes it pretty funny...
python -c "x='python -c %sx=%s; print x%%(chr(34),repr(x),chr(34))%s'; print x%(chr(34),repr(x),chr(34))"
First, Outlook != Outlook Express. Once again, I will say, I agree, it's a joke that scripting is on by default in Outlook. It doesn't take a brain surgeon to figure that one out. Furthermore, I will say that I don't see ANY reason to have Outlook Express (the POP3 client) to have scripting AT ALL (or at the very least requiring a separate download to install)
Also, I don't write Outlook scripts for a living (although I do have several I've writen myself to clean up my mailbox, etc). But, to say it is a feature no one uses (or should use) is wrong. There are businesses that do large portions of there business on Outlook Forms, just as there are lots of folks who have done custom Notes development, and just as there are firms that have done customized oracle forms/applications/workflow development.
DO NOT DISTURB THE SE
Clarification:
Simple to identify, but difficult to execute.
That's the wonderful thing about having a good ISP, and friends and family who don't use Outlook. (Friends mostly use Linux, family mostly uses Netscape or Hotmail... I'm trying to convert the Hotmail people to something else.)
To date, I have never received an e-mail virus or worm.
Now, back in the day when I did a lot of floppy exchange... well, I saw several virii "in the wild."
"Alcohol, Tobacco, Firearms, and Explosives" should be a convenience store, not a government agency.
...latest research indicate that "Foot and Mouth" disease is the first virus unable to spread via Outlook.
:).
Experts and laymen alike were shocked
<!-- DHTML / JavaScript menu, popup tooltip, Ajax scripts -->
Now I get it what microsoft means with "We have created an ecosystem with Windows".
:-)
This is pretty cool. Maybe one day the payload of the virus will be the installer of phat-linux
Edwin, not a Linux-fan but thought mentioning the possibility was funny.
bash$
So basically you are saying that any secure solution to Microsoft software "is completely unworkable and shows a strong disconnect with reality."
You're probably right.
You're right about the sandbox, and it's not easy.
Basically, I should be able to run unpatched, buggy, exploitable code with impunity. It doesn't make everything work properly, but it severly curtails the damage possible. I should be able to run the latest Microsft wormage on an unpatched and misconfigured Outlook. It might kill itself, but it should be impossible for it to do anything more than annoy anything else.
Are you THE famous admin who filtered out all messages with "hi" in the subject line just a while back? So funny how many HIgh fligHIng cHIcagoians HIt tHIs sHIpment HIatus. Oh yeah, my companie's clueless exchange group did this to and deleted all sorts of legitmate email.
Quick, tell me something about IIE that's easier to set up than a debian box or two running exim! Give up? So do I. Point whatever client you want at it! Add a corporate calender and sheduler as a seperate application, ZOIKS, they can work togeter! Amazing but true, nothing but M$ shit works with M$ shit, and it hardly does that while dishing out viruses and worms for the world.
My favorite part of this new plauge is that it is an unintentional combination of ancient virus with slightly modified and fast worm. All those, "brainwash" (M$ spokesman's own word) sessions to waste? So sad, too bad, nothing new, get back to work and get rid of that garbage please.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
What a total ludite solution. God forbid someone make a reasonable system with permisions and sandbox clients. Well, M$ did not make a reasonable system, better make sure no one runs anything, let alone write a script or compile a program that makes the computer do something you want it to. Outlook runs as what, "sytem" one click less that "Admin"? There is the problem, not the rest of the world. A good analogy is a house with a roof over half the rooms, Don't let anyone go in there without a rubber! Srcreen saver, music player, greetings card web site, what are you smoking man!? Don't share your work, only M$ can program you know. Don't enjoy your computer, it's like stealing from the company.
The simple and obvious solution is to NOT BUY M$ junk. With free software the company is root and really owns the machines. The users are free to do what pleases them, as they and their clients can not trump the company. Those that use M$, smart updater and what not are NOT root. M$ and other third parties own their machines and everything on them. Duh.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
I've been running E-mail Sanitizer for a few months. It has worked very well. It only tracks the attachments types instead of actually trying to identify viruses. Therefor it even finds most future Outlook-viruses.