Re: (>H) META-ish: Virus warning

jamesr@best.com
Fri, 1 Nov 1996 11:45:45 +0000


> At 02:27 PM 10/31/96 +0000, jamesr@best.com wrote:
> > You can't get a virus by reading your mail, even if there
> > is a virus attached. The technology doesn't work that way.
>
> IAN: What about a file attached to an email ? These files are loaded
> onto my hardrive like any file, and a virus, as I understand, is basicaly
> an exe file. As far as I can see, one of those attached files can be an
> exe virus file. How is this not so?
>

Many people confuse READING a virus executable with EXECUTING a virus
executable. Every virus contains a trigger that *requires* the
execution of the file. Files don't normally execute by themselves.
In the case of email, it would require the recipient explicitly
executing this file after it was saved to the hard drive. The act of
saving the file to the hard drive does not pose any immediate threat.
Only if the virus is activated does it become a problem.

The exception:

Some applications contain macro languages that can cause damage if
read from a file, instead of being executed. Viruses designed this
way usually have limited capability, and are not really viruses by
definition. Postscript documents are an example of read-only files
that can contain destructive instructions to the application they run
under. There is also a somewhat famous one that runs under MS Word.

Bottom line is don't execute an executable unless you know what it
is.

-James Rogers
jamesr@best.com