|
Computing veterans will remember that way back when
the primary method that computer viruses used to propagate themselves
was the floppy disk. A user with an infected machine would copy some
files to a floppy, and the virus would surreptitiously add itself to
the disk. When the recipient inserted the disk, the virus copy came to
life and infected yet another computer.
Most of us haven’t even seen
a floppy disk in years, but that didn’t stop the spread of viruses. On
the contrary, the Internet’s now firm foothold in the mainstream has
been a boon to virus writers everywhere, who happily adapted to the new
reality and soon began propagating their malware either via malicious
websites or via infected program files downloaded to users’ machines.
However,
by far the most productive method for viruses to replicate has been the
humble email message: Melissa, I Love You, BadTrans, Sircam, Klez. The
list of email viruses and Trojan horses is a long one, but they all
operate more or less the same way: They arrive as a message attachment,
usually from someone you know. When you open the attachment, the virus
infects your computer and then, without your knowledge, uses your email
client and your address book to ship out messages with more copies of
itself attached. The nastier versions also mess with your computer by
deleting data or corrupting files.
You can avoid infection by one of these viruses by implementing a few commonsense procedures:
Never open an attachment that comes from someone you don’t know. Even
if you know the sender, if the attachment isn’t something you’re
expecting, assume that the sender’s system is infected. Write back and
confirm that the sender emailed the message. Some
viruses come packaged as scripts hidden within messages that use the
HTML format. This means that the virus can run just by viewing the
message! If a message looks suspicious, don’t open it; just delete it.
(Note that you’ll need to turn off the Windows Live Mail Reading pane
before deleting the message. Otherwise, when you highlight the message,
it appears in the Reading pane and sets off the virus. Click Menus in
the toolbar (or press Alt+M), click Layout, deactivate the Show Reading
Pane check box, and click OK.) Caution
It’s
particularly important to turn off the Reading pane before displaying
Windows Live Mail’s Junk E-mail folder. Because many junk messages also
carry a virus payload, your chances of initiating an infection are
highest when working with messages in this folder. Fortunately, Windows
Live Mail is sensible enough to turn off the Reading pane by default
when you open the Junk E-mail folder.
Install
a top-of-the-line antivirus program, particularly one that checks
incoming email. In addition, be sure to keep your antivirus program’s
virus list up-to-date. As you read this, there are probably dozens,
maybe even hundreds, of morally challenged scumnerds designing even
nastier viruses. Regular updates will help you keep up. Here are some
security suites to check out: Norton Internet Security (www.symantec.com/index.jsp)
McAfee Internet Security Suite (http://mcafee.com/us)
Avast! Antivirus (www.avast.com)
AVG Internet Security (http://free.grisoft.com/)
Besides
these general procedures, Windows Live Mail also comes with its own set
of virus protection features. Here’s how to use them:
1. | In
Windows Live Mail, click Menus (or press Alt+M) and then click Safety
Options. Windows Live Mail opens the Safety Options dialog box.
| 2. | Display the Security tab.
| 3. | In the Virus Protection group, you have the following options:
- Select the Internet Explorer Security Zone to Use. From the perspective of Windows Live Mail, you use
the security zones to determine whether to allow active content inside
an HTML-format message to run:
Internet Zone— If you choose this zone, active content is allowed to run. Restricted Sites Zone— If you choose this option, active content is disabled. This is the default setting and the one I recommend. - Warn Me When Other Applications Try to Send Mail as Me—
As I mentioned earlier, it’s possible for programs and scripts to send
email messages without your knowledge. This happens by using Simple MAPI (Messaging Application Programming Interface)
calls, which can send messages via your computer’s default mail
client—and it’s all hidden from you. With this check box activated,
Windows Live Mail displays a warning dialog box when a program or
script attempts to send a message using Simple MAPI.
|
Activating
the Warn Me When Other Applications Try to Send Mail as Me option
protects you against scripts that attempt to send surreptitious
messages using Simple MAPI calls. However, there’s another way to send
messages behind the scenes. It’s Collaboration Data Objects (CDO), and Windows 7 installs it by default. Here’s a sample script that uses CDO to send a message:
Dim objMessage
Dim objConfig
strSchema = "http://schemas.microsoft.com/cdo/configuration/"
Set objConfig = CreateObject("CDO.Configuration")
With objConfig.Fields
.Item(strSchema & "sendusing") = 2
.Item(strSchema & "smtpserver") = "smpt.yourisp.com"
.Item(strSchema & "smtpserverport") = 25
.Item(strSchema & "smtpauthenticate") = 1
.Item(strSchema & "sendusername") = "your_user_name"
.Item(strSchema & "sendpassword") = "your_password"
.Update
End With
Set objMessage = CreateObject("CDO.Message")
With objMessage
Set .Configuration = objConfig
.To = "[email protected]"
.From = "[email protected]"
.Subject = "CDO Test"
.TextBody = "Just testing..."
.Send
End With
Set objMessage = Nothing
Set objConfig = Nothing
The Warn Me When Other Applications Try to Send Mail as Me option does not
trap this kind of script, so bear in mind that your system is still
vulnerable to Trojan horses that send mail via your Windows 7 accounts.
However, in the preceding example, I’ve included code to handle SMTP
authentication (just in case you want to try out the script and your
ISP requires authentication). In practice, a third-party script
wouldn’t know your SMTP password, so a CDO script will fail on any
account that requires authentication.
|
- Do Not Allow Attachments to Be Saved or Opened That Could Potentially Be a Virus—
With this check box activated, Windows Live Mail monitors attachments
to look for file types that could contain viruses or destructive code.
If it detects such a file, it disables your ability to open and save
that file, and it displays a note at the top of the message to let you
know about the unsafe attachment.
|
Internet
Explorer’s built-in unsafe-file list defines the file types that
Windows Live Mail disables. That list includes file types associated
with the following extensions: .ad, .ade, .adp, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe, .hlp, .hta, .inf, .ins, .isp, .js, .jse, .lnk, .mdb, .mde, .msc, .msi, .msp, .mst, .pcd, .pif, .reg, .scr, .sct, .shb, .shs, .url, .vb, .vbe, .vbs, .vsd, .vss, .vst, .vsw, .wsc, .wsf, and .wsh.
|
Tip
What
do you do if you want to send a file that’s on the Windows Live Mail
unsafe file list and you want to make sure that the recipient will be
able to open it? The easiest workaround is to compress the file into a .zip file—a file type not blocked by Windows Live Mail, Outlook, or any other mail client that blocks file types.
| 4. | Click OK to put the new settings into effect.
|
|
