If you are unfortunate enough to be using Microsoft Lookout!, and cannot switch to Eudora or another non-bogus email client, consider tweaking your security settings.
It’s somewhere int the ‘tools->options’ menu item, there is a ‘security’ tab. Go there and adjust all your security settings to maximum.
One problem is that Outlook provides a way to specify different levels of security for different senders - if someone from the internet sends you mail it can have different security than if someone from down the hall sends it. So, if Joe down in Accounting catches a worm, you are more likely to get it because you are ‘cozy’ with him.
Turn off preview, turn off all that active content crap, or switch to some other program.
I’d rather be “blissfully ignorant” than “willfully stupid” like you seem to be.
Yes, they do. But this virus did NOT spread so far and so fast through people’s home PCs. It wasn’t Mom emailing Johnny at college, or Sally sending Suzy the latest Neiman Marcus cookie recipe, or even you incessantly bothering Cindi@IHAVEBIGBOOBS.com.
It spread through business and government computer networks, partly because people are using their work computer accounts to send and receive personal email.
Yes, they are. Let’s see, you are using the company’s computer, their bandwith, on their time. Are you there to do your job, or exchange “I LOVE YOU” notes? Is it a job, or junior high?
Well bully for you, but it’s not very smart on your company’s part, from a security standpoint.
You just made Employee of the Month. Your picture will be in the hall. Everyone will adore you.
Rrrrright. In the real world, of course, things are different. And although people use company e-mail for private messages, that does not automatically mean willfully forwarding infected messages. But I’m sure you knew that.
But thanks for explaining your “theft of resources” remark. It was a very surprising definition :rolleyes:
The point is, that it is rather silly to get fundamental about these issues. People use and always will use company resources for private matters. E-mail, the phone, the Xerox machine, paperclips, you name it. As long as it’s incidental, there’s nothing wrong with that. I’m sure your boss will be delighted to have such a dedicated employee that NEVER uses company resources for private matters, but he will also know that you are the only one.
Before things escalate into some sort of full scale war over personal email on corporate systems, I have a question. From what I understand, this virus replicates itself through a person’s address book. From what I also understand, some companies have a sort of “shared” address book on the network (this is a feature of Outlook). If my understanding is correct, it only takes one person to potentially infect an entire company.
My company wasn’t hit - we use Lotus Notes (and this is one of the VERY few times I’m thankful for that). But someone I know does use Outlook with a shared address book - someone in the Navy. I don’t know if this is considered a security risk yet, but methinks it needs to be reevaluated.
inkblot
On an MS Exchange system, the email clients (usually Outlook) connect to the Exchange server’s Global Address List, containing the Exchange Directory (everybody on the network’s address). There are also Public Contacts folders that are common for all users with permissions. The user also can have a Personal Address Book and any number of Contacts folders. A Melissa-class worm potentially can look for addresses in all of these locations and send mail to them.
Now, this is not to say that Exchange or its directories are corrupt or infected. Email continues to run fine, although can grind to a slow crawl or crash due to the exponential increase in email traffic. This was a far as Melissa went–bogging down mail servers.
ILOVEYOU took that concept and added a malicious script to it, which searched for certain files on your machine (and any server you were mapped to) and over-wrote them with its script.
This is the trap now: An image file called “photo.jpg” is wiped out and replaced with the virus script, now named “photo.jpg.vbs”. Since some people have their Explorer hide extensions (don’t know why), that file can still appear to be called “photo.jpg”. (It does have the icon for a script file, though). So, you go to open this image you may use all the time, but now it is the virus script, and the infection begins anew. Of course, anyone who would do this is extremely stupid, in the view of some people. Web pages that were full of images and their own scripts are now full of the virus script. This is a bad thing.
So, the bottom line is yes, one person can infect an entire network, but not via the Exchange directory. It happens through replication over mapped network drives and accessing formerly innocent files. Everyone involved is stupid and stealing valuable company resources by the minute. Damned stupid, thieving, slacker bastards!!
I guess I could have been more clear here. The email containing the virus is being sent by Exchange to everyone it knows, but it’s not “infecting” anything at that point. The actual infection comes from opening the attachment to the mail by the user, plus the other methos I described.