General discussion

Locked

Launching virus from preview pane

By mwleiter ·
Is there any documented evidence of e-mail attachments containing viruses, being started even if the attachment is not opened? I have heard from some users that started the virus from their Outlook client, who swear they never opened the attachment. The only common thread is that they have their view set with a preview pane. Are there any settings in Outlook to configure or are there any security updates that I need to consider?

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Launching virus from preview pane

by SyscoKid In reply to Launching virus from prev ...

Yes, it is possible. "Messages exploiting certain vulnerabilities in HTML mail can force a malicious file attachment to run even if the user only views it in the preview pane or opens the message."

For more info, see:

www.slipstick.com/outlook/antivirus.htm

Slipstick.com is a great resource for Outlook and Exchange users!

Collapse -

Launching virus from preview pane

by mwleiter In reply to Launching virus from prev ...

Poster rated this answer

Collapse -

Launching virus from preview pane

by FNW Web Guy In reply to Launching virus from prev ...

You need to apply the patch provided by Microsoft to prevent Nimda and other similar viruses from launching themselves simply by previewing an email.
See the following page on Microsoft's Technet:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp

Collapse -

Launching virus from preview pane

by FNW Web Guy In reply to Launching virus from prev ...

Info also available in Microsoft's Knowledge Base Article # Q290108

Collapse -

Launching virus from preview pane

by mwleiter In reply to Launching virus from prev ...

Poster rated this answer

Collapse -

Launching virus from preview pane

by chris hirst In reply to Launching virus from prev ...

Go to any Anti Virus site NAI,Trend,Sophos etc and look up the characteristics for the KAK worm, This is one that runs when previewed. There are others, mainly the Javascript or VBScript types where all that is needed is the Scripting host to be present and unsecured.
There are many security patches available, Some will cause more hassle than the very thing they are supposed to prevent so a testing regime and deployment of only the essential and least harmful patches will save you lots of calls from your clients (users)
(I keep being told by my directors not to call them users as it sounds derogatory, and I thought users was polite considering the names they are usually called!)

as with other answers check MS updates and KB and also visit www.slipstick.com for some
impartial advice and probably the best Exchange\Outlook site on the Internet

Collapse -

Launching virus from preview pane

by mwleiter In reply to Launching virus from prev ...

Poster rated this answer

Collapse -

Launching virus from preview pane

by mwleiter In reply to Launching virus from prev ...

This question was closed by the author

Back to Software Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums