Results 1 to 5 of 5
  1. #1
    2 Star Lounger
    Join Date
    May 2002
    Location
    Houston, Texas, USA
    Posts
    100
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Email Attachments and the Preview Pane (XP)

    I have heard that in Outlook XP (and in previous versions, as well) attachments to email messages are effectively launched - thus increasing exposure to potential viruses - if viewed via the Preview Pane. Does anyone know whether this is true? If so, is this documented anywhere?

  2. #2
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Roanoke area, Virginia, USA
    Posts
    3,729
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Email Attachments and the Preview Pane (XP)

    it's mostly old wives tales... however, depending on the version of Outlook, iframes (used with klez) could launch and the attachment could run. There is an IE patch that prevents iframes in both OL and OE now.

    In the vast majority of cases, attachments can not and will not run automatically, from either preview or an opened message. Those few that could run in preview would also run if you opened the message.

    Outlook 2000/SP2 and Outlook 2002 offer the greatest security against viruses, especially if you have the latest OS and IE patches installed.

  3. #3
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Re: Email Attachments and the Preview Pane (XP)

    I agree with MaryJ, but, a good anti-virus software will catch the verments when downloading even with the preview pane turned on.

    I use Nortons 2002 it has caught many a klez infected file

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

  4. #4
    2 Star Lounger
    Join Date
    May 2002
    Location
    Houston, Texas, USA
    Posts
    100
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Email Attachments and the Preview Pane (XP)

    Many thanks for the responses! This has clarified the issue for me.

  5. #5
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Long Beach, California, USA
    Posts
    1,912
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Email Attachments and the Preview Pane (XP)

    There are a couple of issues here. First is the point about "Attachments" being launched in the Preview Pane and the other is malicious code running from the Preview Pane.

    There have been *several* vulnerabilities where viewing the email -- either directly or in the Preview Pane -- will cause malicious code to run on your computer. The most recent one may have been the <IFrame> vulnerability. However, there have plenty others: VBScript Handling, Cache Bypass -- the list goes on. So, yes, for the present time there is no known vulnerability -- but that does NOT mean there won't be one tomorrow.

    Now, for "Attachments" to be launched from the Preview Pane, something more sophisticated must be done. Normally Attachments are attached -- and therefore are not opened in the Preview Pane. HOWEVER, NIMDA showed us all how to do this. NIMDA made use of a malformed MIME header which told Outlook Express that the attached infectious file was a .WAV file -- however, it was NOT a .WAV file. Since OE thought the attachment was a benign .WAV file, it AUTOMATICALLY ran it! This allowed the NIMDA worm to be executed and helped spread it world wide. User intervention was not required -- simply viewing the message in the Preview Pane would run the worm.

    Let's not forget the Klez onslaught. Klez also ran "Attachments" in the Preview Pane -- and despite the fact that MS released a patch to prevent this months earlier, Klez became the most widely distributed piece of Malware ever! Klez made use of the "Incorrect MIME Header vulnerability" -- in a manner similar to NIMDA.

    These more sophisticated approaches are also presently held in check by MS Security Updates -- but that does not mean someone won't find another approach! And the biggest problem on a global sense is that most people don't install the Security updates. Klez proved this.

    My recommendation: consider the Preview Pane to be potentially a source of a security breach. However, it is no more so than "opening" and reading the email.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •