Email Preview Pane and Viral Infection Basics

[Guest]

Hello, I am in the IT field and I am confused whether previewing an email can
infect you with a virus. I cannot seem to get a clear answer after talking to
5 different people. Most say you should not preview messages because it can
launch viruses, but my understanding of attachments does not jive with that
concept. I believe previewing is the same as opening the email. I
understand that in order to view the attachment, you can choose to download
and view it, otherwise the Preview pane will not show the content of the
attachment. If the attachment is a .exe type virus for example, the exe will
not run unless I choose to open it, so how can a preview window launch the
exe? Or perhaps current vectors are more creative and can infect me in other
ways more creative than the just cited simple exe example? If you view the
file, you do not execute the attachment...that has been my experience.
However, if the message itself has embedded code, then it is a different
matter. Am I correct? Please help.

Andy

 

[Lanwench [MVP - Exchange]]

Hello, I am in the IT field and I am confused whether previewing an
email can infect you with a virus. I cannot seem to get a clear
answer after talking to 5 different people. Most say you should not
preview messages because it can launch viruses, but my understanding
of attachments does not jive with that concept. I believe previewing
is the same as opening the email. I understand that in order to view
the attachment, you can choose to download and view it, otherwise the
Preview pane will not show the content of the attachment. If the
attachment is a .exe type virus for example, the exe will not run
unless I choose to open it, so how can a preview window launch the
exe? Or perhaps current vectors are more creative and can infect me
in other ways more creative than the just cited simple exe example?
If you view the file, you do not execute the attachment...that has
been my experience. However, if the message itself has embedded code,
then it is a different matter. Am I correct? Please help.

Andy

It's unlikely (most infections occur when someone launches/opens an infected
attachment), but it can be done. If you're using a mail client such as
Outlook 2003 (and higher) that doesn't automatically download crap--or allow
code to execute--within in the message, you're safer. Of course, nothing is
a replacement for good antivirus software.
You might post in m.p.security for more info, as this isn't really an
XP-centric issue.

 

[Guest]

Hello LanWench,

Do you mean it is unlikely most infections occur when one opens an
attachment? And what group is M.P security? Thanks.

-Andy

 

[Lanwench [MVP - Exchange]]

Hello LanWench,

Do you mean it is unlikely most infections occur when one opens an
attachment?

No - that's the *most* likely way (note my parentheses below).

And what group is M.P security? Thanks.

microsoft public.security is a public newsgroup on the Microsoft news
servers. I see you're using the web interface; that isn't the best way to
use the groups.

Here's information on Usenet and using a newsreader - (cribbed shamelessly
from a post by MVP Malke Routh)

http://www.elephantboycomputers.com/page3.html#12-09-02 - a brief
explanation of newsgroups
http://michaelstevenstech.com/outlo...ssnewreader.htm
http://rickrogers.org/setupoe.htm
http://support.microsoft.com/defaul...wto/default.asp
- Set Up Newsreader

http://www.dts-l.org/goodpost.htm

http://aumha.org/nntp.htm - list of MS newsgroups
microsoft.public.test.here - MS group to test if your newsreader is
working properly
http://www.mailmsg.com/SPAM_munging.htm - how to munge email address
http://www.blakjak.demon.co.uk/mul_crss.htm - multiposting vs.
crossposting

Some newsreaders for Windows
http://www.forteinc.com/agent/index.php - for Forte
http://www.mozilla.org (Thunderbird does newsgroups)
http://gravity.tbates.org/