Previous by Date | Next by Date | Date Index
Previous by Thread | Next by Thread
| Thread Index
| LM_NET
Archive
| |
Hi, I ran into this information on one of the web sites. It appears to be more than the usual email bogus statements. I checked both Netscape and Microsoft sites before sending this off. I copied the article from: http://www.eschoolnews.org/stories/story2.html The netscape version of the story is at: http://home.netscape.com/products/security/resources/bugs/longfile.html?hom 08prt1 Netscape believes that only the Windows environment is affected. Netscape explains how to handle the problem. For the Explorer, both platforms seem to be affected. The explorer information can be found at: http://www.microsoft.com/security/bulletins/ms98-008.htm Those using independent stand alone email packages (Claris or Eudora) appear not to be affected. Netscape and Microsoft are working on fixes. Apparently they haven't got it yet (depending on which article you read). Hope this helps. MaryAnn School tech leaders scramble to neutralize eMail threat By Dennis Pierce, Assistant Editor, eSchool News School technology directors from coast to coast were scrambling early in August to protect their computers from an eMail flaw the U.S. Energy Department called "among the most serious security holes ever identified." The bug puts millions of computers at risk, the energy department warned on July 28. Gaining access via eMail, hackers could send computer commands that could crash hard drives and mangle data. The flaw, discovered in three of the most popular eMail programs, was thought to pose a special danger to schools, which are seen as attractive targets for hackers. At press time, no instance of such destruction had been reported. The problem first was discovered by Finnish researchers in June, authorities said, but word of it did not begin circulating on the internet until late July. So far, tests have shown its presence in the three programs most widely used to read electronic mail: Microsoft's Outlook Express and Outlook 98 and Netscape's current web browser, Communicator. "It's alarming because it affects 99 percent of people on the internet," said Daniel Janal, author of "Risky Business," a primer on protecting your organization from security problems on the internet. Although Qualcomm Corp.'s Eudora is the most popular third-party eMail software, Janal said, most people use the eMail program built into their web browser, such as Netscape's Communicator. Both Microsoft and Netscape posted information about the flaw on their web sites late in July. As news of the problem raced through education circles, school technology directors reacted to the explanations and software patches the companies were offering. Dale Copps, librarian and technology coordinator for the Wardsboro Elementary School in Vermont, speculated whether Microsoft and Netscape had known about the flaw for longer than they've let on. But Copps said he was glad to see Netscape offer an interim solution while the company works to supply a patch. "If they [Netscape] deliver on a patch by the promised middle of August, and if the patch is effective, I will be satisfied," Copps said. The flaw allows any outsider to send a booby-trapped message that could erase a computer's hard drive or even steal information. "What's particularly frightening about this bug is that, to my knowledge, it's the first time a virus can be communicated to another computer with no involvement by the receiver," said Copps. Normally, eMail alone can't do any damage to a system unless the user opens an attachment included by the attacker. The new flaw, however, cannot be so easily avoided. In some test cases, simply trying to delete the eMail message activated the attack. The problem is related to a protocol for attaching documents to an eMail message called Multipurpose Internet Mail Extensions, or MIME. MIME headers tell the eMail software how to treat the attached file. Older eMail software that is not MIME-compliant is not vulnerable to the flaw. Hackers could exploit the flaw by assigning an exceptionally long file name--longer than 200 characters--to an attachment. If the name is too long, it will overflow the eMail software's buffer. At that point, any software code contained in the overflow could execute commands on the user's computer. How to protect your computers ``We're definitely not taking this lightly,'' Microsoft group product manager George Meng told the San Jose Mercury News. ``There definitely is a scenario in which someone could do damage to people's systems.'' Microsoft confirmed the flaw affects versions of Outlook Express shipped with Microsoft Internet Explorer 4.0 or 4.01 on Windows 98, Windows 95, Windows NT 4.0, and Windows NT for DEC Alpha, as well as Windows versions for Macintosh or UNIX machines. Users of Internet Explorer for Windows 3.1 and Windows NT 3.51 operating systems are not affected, Microsoft said. The company released a software patch on July 27 but quickly discovered the patch was ineffective. On July 28, Microsoft said an updated patch would be available soon. Netscape said the flaw affects its Communicator 4.0 through 4.05 on Windows 3.1, 95, 98, or NT platforms and Communicator 4.5 Preview Release 1 on Windows 95, 98, or NT. Versions of Communicator for Macintosh and Unix platforms are not vulnerable, nor are any versions of Netscape Navigator, the company said. Netscape's patch is not expected for another two weeks, but the company has developed a web page to keep its customers informed. In the meantime, if you use one of the versions of Communicator that is vulnerable to attack, Netscape recommends that you configure the software to view attachments as links rather than display them in the text of the message. To do that, select the "View" menu, then select "Attachments" and select "As Links." Also, if you receive a message that contains an attachment with a filename extending beyond the window width, Netscape said you should not select the "File" menu under any circumstances. For more information, see Netscape's web page (URL below). Wardsboro Elementary School uses Netscape Communicator as its eMail software, and Copps said he would be downloading and installing the software patch as soon as it is available. "I'm certainly taking the threat seriously, and I think all educators should," he said. Janal, who runs Norton's antivirus and desktop utility on his personal computer, said the first thing he did after learning about the program flaw was download the latest upgrade from Norton's web site. Users should be sure to upgrade their anti-virus software at least once a month, Janal said, and especially during a big scare. You should also take the time to back up your hard drive, Janal said. At the very least, he said, make copies of your word processing programs, financial files, and any other data files that you created, such as your Windows address book. "The most important thing that you have is your intellectual property," Janal said. If you want to minimize your risks while you wait for the correct patches, you can download a free version of Eudora Light. The third-party eMail software is not affected by the application flaw, experts said. MaryAnn "the librarian" Rizzo District Library Media Specialist 519 Melody Lane Bisbee Unified School District Bisbee, AZ 85603 e-mail address: home: rizzoma@primenet.com work: rizzoma@tcsn.uswest.net web page: http://www.bisbee.k12.az.us/std/rizzo/rizzomain.index.html "We need to educate our children for their future, not our past." A.C. Clark "Keep smiling. It keeps others wondering about you." M. Rizzo =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-= To quit LM_NET (or set-reset NOMAIL or DIGEST), Send email to listserv@listserv.syr.edu In the message write EITHER: 1) SIGNOFF LM_NET 2) SET LM_NET NOMAIL or 3) SET LM_NET DIGEST 3) SET LM_NET MAIL * Please allow for confirmation from Listserv For LM_NET Help & Archives see: http://ericir.syr.edu/lm_net/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=