PPRuNe Forums - View Single Post - Watch this worm
Thread: Watch this worm
View Single Post
Old 27th November 2005 | 13:40
  #15 (permalink)  
Spinflight
 
Joined: Jul 2005
Posts: 82
Likes: 0
From: Lv426
To be fair to the email client vendors they do make it very difficult to send malicious virus containing emails, however that dosn't stop the virusmongers from using any email server with an open port 25 from spreading these things from the command line.

The only way to prevent your computer becoming infected through ActiveX bugs is to turn off ActiveX scripting, though even this still allows ActiveX to be abused through the Office dlls.

Go to Tools > Intenet Options > Security > Custom and check the disable radio button for ALL of the ActiveX options. This will stop IE (I'm assuming that anyone who uses Moz / FF / Opera knows what they're doing) from running malicious code from websites.

If you run into a site which uses Flash etc then add it to the trusted sites list in the above and you'll stil be able to view them.

This however only works for IE, most people don't realise that Outlook, OE etc can have their own settings.

In OE (sorry, don't have a copy of Outlook to hand) go to Tools > Options > Read and untick the download to preview in preview pane. The go to > Security and set the Zone to Restricted Sites, which you should then configure in IE for later versions of OE. Older versions allow you to configure the zone yourself (which I think was better).

This still dosn't completely prevent ActiveX scripts from running on your computer through email though. Bugs in Access and Powerpoint dll's will still allow malicious code to run automiatically unless you set an admin passoword for each Office component (yes really).

To the best of my knowledge these isues have only partly been fixed (the Access vulnerability is particularly nasty) however the workaround is....

Tools > Security > User and Group Accounts > Admin > Change logon password Tab. Assign a password. This should prevent VBA code being run with root privileges. Any coders out there I'm sure knows just what could be done with this vulnerability.

Microsoft has patched various loopholes over the last couple of years (before that (most of these vulns have been known about since 99 or 2000) they simply say on their bottoms and trotted out the company line that, "It wasn't their fault that people abused email" ) however most peeps tend to wait until a Service pack is available.

Don't, use the microsoft website to check for updates, which, btw, require ActiveX.......

Win XP can be a secure system, my problem with it is that you need to be close to a qualified sysadmin to make it so. Oh and lets not forget that there are nasties out there which can change your security settings even if you are conscientious enough to dimble them
Spinflight is offline