This latest worm from "Helen Johns" (a pseudonym maybe?, came as a MIME
multipart email, with one of the parts being a JavaScript program. That script
tries to find and run Internet Explorer and Outlook programs on your system.
It is obvious that IE and Outlook have big "trapdoors" that allow someone
access to your system while bypassing your password and other security
measures.
Outlook has a further weakness in that it allows VBS (Visual Basic Script) in
email (e.g. the "I Love You" virus)
Most email programs have a MIME list that specify how the various types of
MIME segments (attachments) are to be handled.
The critical ones are EXE, VBS, DOC (MSWord) and XLS (MSExcel)
1. If your email software has the setting, turn off "JavaScript"
interpretation (e.g. Netscape /Edit/Preferences/Advanced menu item allows you
to disable all J/S or only for Mail and Newsgroup).
2. If you don't use I.Explorer and outlook, delete them from your system.
Note that installing/upgrading Microsoft packages like MS Office may reinstall
IE.
3. Do not allow the mail reader to automatically invoke "helper programs" such
as MSWord for the various MIME types.
4. Don't open email attachments that werent pre-announced in a separate
message or that are from email IDs you dont know.
It's worked for me - so far. I use Netscape and IE and Outlook are still
installed but rarely used.
Pegasus is a good mail program - at least it was when I last used i 4-5 years
ago. Just watch out for item #3.
BTW, our list server has NoMIME and NoHTML options but it still forwards
messages with MIME and/or HTML.
Maybe someone here knows how that works.
Joan Hartman wrote:
>
> I thought if I used earthlink for my ISP I had to use Outlook
<....>
--
Frans van Duinen
(416) 652-8580
Toronto, Ontario
