Doug Kanter said:
"know/trust" is irrelevant if YOU were the first to get the virus. And,
this *does* happen (although rarely) if the virus is rampant before AV
publishers get ahead of it. So, you can get it first, and spread it to
others.
It's only irrelevant if the user always deploys Safe Hex and opens an
email from a known/trusted, which then in turn runs the newly propogating
Trojans code. In this case the user would not be the first to be
compromised by a new virus running rampant.
It would also only be irrelevant if the new rampant virus compromised
machines via the internet, no matter the security guidelines set by any
admin or user.
My mention of the matter on hand was/is: Simply by replying to an email
that you recieved and having their addy automatically added to your address
book does not compromise the machine, all it does is add the sender to the
book. It doesn't run/execute any Trojans code, simply opening an email
can/does run code for some Trojans while others have a link or executable
attachment that must be clicked/opened in order for the code to execute.
So, when AV publishers say that a virus re-sends itself to everyone in
the infected computer's address book, this is......a fairy tale?
No it is not a fairy tail. Many viruse have their own mass mailing
engine which procure the compromised machines addys from the book, which in
turn is then sent to every addy procured. If the virus does not have it's
own engine, then the unknowing user can propogate the virus via email,
internet or disk without ever using an addy from the book.
--
Brian A. Sesko { MS MVP_Shell/User }
Conflicts start where information lacks.
http://basconotw.mvps.org/
Suggested posting do's/don'ts:
http://www.dts-l.org/goodpost.htm
How to ask a question:
http://support.microsoft.com/kb/555375
The user with the custom-made copy, ya know?