> > while it is tru you can remove most scriptin support > > with removin the microsoft scripting host, what if > > you're a developer ? Or you're environment requires > > you to be able to run scripts ?
Use a different e-mail client... ;-) That's not too difficult to do, unlike suggesting that people not use MS Office. If 99% of your customers/contact/fellow employees use it and you need 100% compatibility, using StarOffice, Wordperfect, etc is a nice idea, but unrealistic. Please, I don't intend to start a "war"... > 1. Run a virus scanner, and make sure you update it > EVERY DAY (even if you know that the frequency of > updates is slower than that). That may not help actually. I checked Symantec's virus site yesterday afternoon and they still listed a "fix" for this virus as pending. We had no problems here at work that I know of, but we use McAfee. A couple people did get messages from people outside the company, but McAfee caught it and deleted the attachment. > 3. Use an email program that does not support scripting. mutt ?? ;-) > 4. Turn off Explorer's hiding of three-letter file extensions. A > file named "AnnaKournikova.jpg.vbs" is a big tip-off that > something isn't right. There are, supposedly, viruses that can > be loaded even if you preview the message, but for the most > part just seeing the attachment filename is enough for you to > know that the file shouldn't be double-clicked. This, I believe, is related to the "Windows Scripting Host" application. I just unchecked "Hide file extensions for known filetypes" and looked at an e-mail with an Excel spreadsheet attachment. The "xls" extension still shows up. > 5. Set up a quarantine. Not having used Outlook much, I > can't say exactly how to do this, but I'm sure it's possible > to set up a quarantine so that any email containing > attachments (or specific attachments, such as *.vbs) gets > put into a separate folder from "Inbox." While this doesn't > technically prevent you from getting exposed, it at least > puts you on notice that the quarantined files /may/ contain > viruses, and so you're less likely to start double-clicking > at random. Microsoft did release an update/patch for Outlook that had something to do with attachments and certain extensions. I know *.exe was definitely one of them... Otherwise, most anti-virus programs are able to "integrate" into Outlook to do this. On Win9x boxes here, you'll end up with an "Infected items" folder. This does *not* happen on the NT boxes though. Regards Hall
