[Spambayes] Anti -Virus
Ryan Malayter
rmalayter at bai.org
Tue Oct 28 13:37:13 EST 2003
> From: Todd Lawson
> Subject: Re[2]: [Spambayes] Anti -Virus
<snip>
> My main point here is that the actual email message is not dangerous;
> it is the programs that people use to open email that are dangerous.
> Outlook is one of a small number of email programs that actually allow
> email viruses to execute. There are *many* email clients out there
> that never execute email viruses, thus allowing you to be 100% email
> virus-free.
You make some statements that are not generally true. Outlook indeed has
known (and more unknown) vulnerabilities email attachments, mostly
because it relies on IE to render those. IE has had a number of security
vulnerabilites that allow any code to execute on the system.
However, there have been remote buffer overflows and other security
problems found in non-MS mail programs that allow similar arbitrary
code-execution (i.e. an automatically spreading virus). Simply because
the security holes haven't been exploited by a virus for a particular
email program doesn't mean they're not there, or that a virus will not
be created to exploit them.
Even security-conscious open-source email clients like Sylpheed have
been found vulnerable to carefully crafted, malicious emails. Some
Examples:
Sylpheed: http://www.securityfocus.com/bid/8877/info/
Eudora: http://www.securityfocus.com/bid/5397/discussion/
Netscape/Mozilla: http://www.securityfocus.com/bid/6254/discussion/
Lotus Notes: http://www.securityfocus.com/bid/3458/discussion/
Pine: http://www.securityfocus.com/bid/8588/discussion/
Todd, you cannot be sure of the absolute security of any mail client and
say it "never executes email viruses". And I would say there are not
"many" mail programs that are completely invulnerable to remote
compromise, since that is completely impossible to prove. Your only
evidence is that they haven't been compromised *yet*.
Outlook is the biggest target, so it gets the most attention from the
virus-writing idiots out there. You can fly under the virus radar and
indeed be safer by picking a different email client. But if another mail
program were to even remotely as popular is Outlook and Outlook Express,
you'd see it quickly picked apart as well.
Regards,
Ryan
More information about the Spambayes
mailing list