[LINK] Identity theft virus infects 10,000 computers
Stilgherrian
stil at stilgherrian.com
Thu Aug 3 09:03:21 AEST 2006
On 3/8/06 8:42 AM, "Karl Auer" <kauer at biplane.com.au> wrote:
> Is this really true? How can even Windows get infected by email without
> opening an attachment? Or is it because viewing the email opens a
> website page (HTML email)?
Yes, it's true.
In their default configurations, both Outlook Express and Outlook have the
following behaviour: If you select a message in your inbox -- that is, not
"open" it, but just, say, hit the down cursor key to make it the current
message -- then its contents appear in the "preview pane". That means the
email goes through the HTML parser to generate that display -- that is,
effectively opening the email even if you didn't "open" it in its own
window.
I daresay the email goes through the parser even if not selected, because
the email client has to get the metadata such as number of attachments and
so on.
And that can infect the machine because (1) all this happens at a very deep
level of the OS and... well... it's buggy, and (2) most people run on an
administrator account anyway.
HTH,
Stil
--
Stilgherrian <stil at stilgherrian.com> http://www.stilgherrian.com/
Internet, IT and Media Consulting, Sydney, Australia. ABN 25 231 641 421
mobile 0407 623 600 (international +61 407 623 600)
fax 02 9516 5630 (international +61 2 9516 5630)
More information about the Link
mailing list