If you use Internet Banking never reply to an email from a bank.
Virus Alert (John Nicholls)
MICROSOFT OUTLOOK EMAIL SECURITY UPDATES
Version: SR-1
File size: 2MB/8.3MB
License: Freeware
Minimum requirements: Microsoft Outlook 98/2000
If the recent rash of email viruses have you concerned about
your PC's well-being, then these security updates for
Outlook 98/2000 can help. Once installed, any suspicious
email attachment that could potentially damage or change
your system's settings will be blocked in order to combat
the spread of any viruses. This update will limit your
ability to send and receive EXE and VBS attachments.
However, if security is your primary concern, then these
updates from Microsoft are nothing short of essential. A
better Outlook:
http://1.digital.cnet.com/cgi-bin1/flo?y=elY0MIOH0u0C6eV
Alert: Viruses spreading without opening email attachments.
Patch available.
Email viruses are now spreading WITHOUT THE USER OPENING ANY
ATTACHMENT. Personal computers running Internet Explorer (IE)
version 5.0 and/or Microsoft Office 2000 are vulnerable to virus
attacks using most HTML-enabled email systems, even if the email
recipient opens no attachments. You don't even have to use IE;
just have it installed with the default security settings.
If you have not closed the hole, you can receive viruses (and
spread them) by viewing or previewing malicious email without
opening any attachment, or by visiting a malicious web site. The
problem is caused by a programming bug in an Internet Explorer
ActiveX control called scriptlet.typelib. This is by far the
fastest growing virus distribution problem and ripe for a hugely
destructive event - at least as large as the ILOVEYOU virus.
Updating your virus detection software, while important, is not
an effective solution for this problem. You must also close the
hole.
The hole can be closed in five minutes or less using tools
available at Microsoft's security site:
http://www.microsoft.com/security/bulletins/ms99-032.asp
The correction script may be run directly from:
http://www.microsoft.com/msdownload/iebuild/scriptlet/en/scriptlet.htm
Nine months ago, a major hole was discovered in Microsoft's
Internet Explorer code. The hole allows malicious scripts to run
from within html pages which can come from web sites or within
email. When malicious code comes in email, the receiver does not
have to open any attachment to "catch the virus." It is
transmitted as soon as the html-enabled email reader displays
the message.
Although the hole and correction have been known for nine
months, exploits have been so rare that people have not bothered
to close the hole. In the past few weeks, however, a virus
called kak (or Kakworm), which exploits the hole, has become
extremely common -- more so than any virus except the
ILOVEYOU virus and its offshoots.
------------------------------------------------------------------------------------------------------------------
CNET | DOWNLOAD DISPATCH (PC Edition)
May 9, 2000
Vol. 5, No. 19
If last week's Love Bug epidemic caught you by surprise, take
heart: you weren't alone. After only two days, the destructive
VBS attachment made its way into millions of in-boxes, leaving
a trail of corrupted JPEG images and MP3 files in its wake. And
while the "I Love You" epidemic may be under control for now,
the virus itself is still just as potent as ever, so be on the
lookout for any suspicious email attachments. Of course, if
you're still searching for downloads to disinfect or protect
your PC from the dreaded "I Love You" virus, you can find them
all right here. A little love from Download.com, if you will:
http://1.digital.cnet.com/cgi-bin1/flo?x=dAKhYAAKYuwmuuouB