VIRUS PROTECTION QUESTION

[Wayne Allen]

I have a question that I hope somebody can give me an answer to. Using
Yahoo Mail or Hotmail is it possible to get a virus from reading your
E-mail messages IF you don't open any messages that have attachements?
I assume that as long as I don't open any messages with attachments I
should be safe, but I've had people tell me that this is not correct.

Thanks!

Wayne

 

[Stephen J. Rush]

I have a question that I hope somebody can give me an answer to. Using
Yahoo Mail or Hotmail is it possible to get a virus from reading your
E-mail messages IF you don't open any messages that have attachements?
I assume that as long as I don't open any messages with attachments I
should be safe, but I've had people tell me that this is not correct.

It probably depends on what you read your mail with. At one time,
there was a worm that could ooze in through Outpost Express even if
you never tried to read the incoming message. Microsoft patched that
hole, but they've been playing vulnerability-of-the-week with Outpost
and OE ever since. Something like Mozilla Thunderbird or Eudora is
safer, if only because any non-MS application is a smaller, less
attractive target for the malware authors.

Any up-to-date antivirus suite will include an email scanner, but I
would still assume that any executable file that arrives as an
unexpected email attachment is up to no good.

 

[D.Currie]

I have a question that I hope somebody can give me an answer to. Using
Yahoo Mail or Hotmail is it possible to get a virus from reading your
E-mail messages IF you don't open any messages that have attachements?
I assume that as long as I don't open any messages with attachments I
should be safe, but I've had people tell me that this is not correct.

Thanks!

Wayne

You don't have to go near your email to get a virus. Nowadays there are
viruses that can get into your computer just because you're connected to the
internet, and there have been viruses spread via instant messenger programs.

While you're slightly more safe if you don't open attachments and don't
preview the emails, that doesn't keep you completely safe, and you never
know how the next virus might spread.

You're better off having a good antivirus program and keeping it updated.

 

[Michael Solomon \(MS-MVP Windows Shell/User\)]

If you mean would this protect you in the same way as an antivirus program
the answer is no and it should not be relied upon as such. There is no
substitute for a good antivirus program and while not perfect, it lowers
your susceptibility considerably.

 

[Unknown]

If you don't open messages that have attachments, have the firewall turned on
AND have the latest updates from MS you won't get a virus. 99% of the time the
virus programs miss a new virus and then have to be updated to catch the
current one. They are useless and an unnecessary cost.

 

[Michael Solomon \(MS-MVP Windows Shell/User\)]

The same is true of the MS-Security Updates or anything else. Assuming the
user receives the updates before an attack, he's fine. By the same token,
an MS Security Update may appear later than the antivirus update in which
case the argument you just made could be applied to the MS-update.

Further, while MS Security Updates plug a vulnerability in the system,
because they work at system level, they may have an adverse affect on the
user's setup and these boards are replete with such examples. Antivirus
programs function on the basis of recognition and as such, don't run the
same risk of destabilizing a users setup. The update adds to the AV
database as opposed to making a system change.

I'm not saying plugging the vulnerability is bad, I am saying it has its
drawbacks and if a user determines a problem is the result of an update,
they can often remove it or use System Restore to go back to a time before
it was installed but still be protected because they also have an antivirus
program that they keep up to date.

 

[Unknown]

The antivirus programs cause far more problems than they prevent. I don't use
any virus programs and never have had a virus. I absolutely despise the
companys Symantec and Norton. They use nothing but scare tactics to sell their
products. Show me a case where a virus detect program saved the day so to
speak.

 

[Michael Solomon \(MS-MVP Windows Shell/User\)]

I don't use either of the mentioned products.

I've had several incidents in newsgroups on this server wherein my AV
program protected my setup when someone either maliciously or unwittingly
posted a message that executed a virus.

In each case, my antivirus program "saved the day so to speak."

My information is anecdotal, so is yours. Better to be safe than sorry,
ever hear the expression, "Your mileage may vary." Telling people to run
without an antivirus program based solely on your own experience is
irresponsible and given what we've seen of virus propagation, it is
dangerous.

 

[D.Currie]

Considering how much of my business consists of removing viruses from
people's computers and repairing the damage they've done, I don't consider
antivirus software an unnecessary expense. Keeping viruses out is a lot
better than removing them afterwards.

I suppose that if you're absolutely scrupulous with email, web sites,
updates, etc., you will be safer from viruses than someone who isn't as
careful. But all it takes is one slip-up or one sneaky new virus. And most
people aren't that careful, or there are multiple users on the computer,
some of whom will click on things they shouldn't.

The other factor is how important the computer and its data is. If the idea
of formatting the drive and wiping everything out isn't a big deal, then
getting a virus isn't as much of a risk as there's less to lose.

But if you have important data and can't afford the time it takes to rebuild
the system and restore the data, then antivirus software is good insurance.

 

[Michael Solomon \(MS-MVP Windows Shell/User\)]

Well said, all good points and good reasons to have an antivirus program.