Virus and email

[Ebisoba]

Ok I've been reading it on it and I'm getting conflicting answers. The question is is it possible to get a virus just by reading emails? Some say if the the email is embedded with html coding (for example emails with images ) it is possible to get a virus just by reading it, while others say it's not possible. So what's the real deal?

[Droppyale]

I believe that yes, t is possible, some email clients have a preview window that basicaly executes the attachment/message.

[crystaldragon]

Yes!
It depends on the way the virus is coded but many times opening the email to read it triggers the virus.
Always keep your antivirus up to date!
I use AVG and I keep it set to scan all incoming email. It works and I don't have so many headaches!

JD

[DVNT1]

It also depends heavily on your email client. In particular clients like Outlook and Outlook Express do things automatically based on content and/or attachments. Microsoft has improved this to reduce some of the risks with later versions of these.

[Ebisoba]

Ok, thanks for the inputs, but to just make absolutely sure. If the email client doesn't automatically open up attachments, it's still possible correct? Also does anyone know how to disable html viewing in Netscape 7.1's email client ?

[DVNT1]

Yes, there was a version (or unpatched version) of MS Outlook/Express that would run html script just by looking at an email via the preview pane. Upon doing this the system could become infected with the virus/worm. I forget the big name virus that exploited this "feature" at the time. Of course with the latest & greatest version (and patch) this should not be possible anymore.

[DVNT1]

It was KLEZ

Quote:

The Klez virus uses the vulnerability that is mentioned in the Microsoft Security bulletin, MS01-020, to automatically start in the preview pane of Microsoft Outlook without a user opening the e-mail message.

Quote:

Applies to:
Microsoft Outlook Express 5.5 for Windows 98 SP 1
Microsoft Outlook Express 5.5 for Windows 98 SP 2
Microsoft Outlook Express 5.01 for Windows 98 SP 1
Microsoft Outlook Express 5.01 for Windows 98 SP 2
Microsoft Outlook Express 5.0 for Windows 98
Microsoft Outlook Express 4.01 for Windows 98 SP 1
Microsoft Outlook Express 4.01 for Windows 98 SP 2
Microsoft Outlook Express 5.5 for Windows 2000 SP 1
Microsoft Outlook Express 5.5 for Windows 2000 SP 2
Microsoft Outlook Express 5.01 for Windows 2000 SP 2
Microsoft Outlook 2000
Microsoft Outlook 2000, Service Release 1 (SR-1)
Microsoft Outlook 98
Microsoft Outlook Express 6.0 for Windows 2000
Microsoft Outlook Express 6.0 for Windows 98

from http://support.microsoft.com/default...b;EN-US;316658

[Ebisoba]

Ok everyone's mentioning Outlook and Outlook Express, but is this a problem with other clients also?

[Brangwen]

Quote:

Originally posted by Ebisoba
Ok everyone's mentioning Outlook and Outlook Express, but is this a problem with other clients also?

That's a very good question . . .

My understanding through reading various posts here over the months and years is that other third-party mail programs ("other" meaning non-Microsoft) are not vulnerable, e.g. Pegasis (sp?). Others here are more knowledgeable than I on this point.

Good luck! And again, good question.

Brangwen

[DVNT1]

I think Lotus Notes client may of had a similar problem, Novell GroupWise has not. Others... I have no idea.

Sorry for the vauge answers but...

Keep in mind the most common clients like MS Outlook (and OE) will be exploited the most since the virus writer gets more "bang for the buck" if they target the largest community. It could easily be that other less known clients are vulnerable but it's relatively unknown.