Dial-up forum: email previews

Click on the following link: http://cybercoyote.org/security/prevpane.htm If you do this, to be extra safe you are also supposed to scan "each" and every email with your antivirus program. As an FYI, I did this, but I decided I didn't like it. So I changed it back. Too much trouble. Yes you might be safer, but I have my antivirus and antispyware programs and I scan often so I feel safe. I have been "clean" for quite some time now. Of course, even if you open emails from just people you know, which is what I do, you could still get a virus.
Good Luck,
Eddie

the spam blocker on my earthlink OE program stops everything that is "not" from my "address list" and puts "them" in a separate folder, where I usually tell them that it is spam and they get rid of those emails. I never actually get to a 'preview' unless "I" want to. Are you saying that I'm still not protected?
Hopefully, Microsoft will come out with a patch soon. There of course will always be attacks of some sort. I noticed "Donna" in the V&S forum wasn't putting any patch's in and just waiting for Microsoft, although I understand that you can and maybe should disable scripting. Your advise Bob is, I am sure better, just not something I elect to do at this time.
Thanks,
Eddie

For quite some time, I have been using Mailwasher...a little utility that's free for a single email account.

It allows you to pre-screen the header and text portions of the email body, then gives you the option of deleting, bouncing and blacklisting emails.

It does it while the emails are still on the server, so you never need to actually retrieve an unwanted email to your computer.

To use it effectively, let it run in your system tray. It will notify you when new emails arrive. Be sure to disable your email client's "automatically retrieve email' feature, so you get a chance to look at them first.

It has saved me a lot af time and trouble.

I think you meant to say in Outlook Express, View, Layout Tab, Preview

"The vulnerability is caused due to an error in the processing of the "createTextRange()" method call applied on a radio button control. This can be exploited by e.g. a malicious web site to corrupt memory in a way, which allows the program flow to be redirected to the heap.

Successful exploitation allows execution of arbitrary code.

NOTE: Exploit code is publicly available."
From secunia...

No known firewall, antivirus stops this exploit.

"In the first half of March -- prior to the release of code showing attackers exactly how to exploit a previously unknown (and currently unpatched) flaw in IE -- Secure Science tracked a single hacker group stealing between 1.5 and 2 megabytes of text data from victims each day (a small novel might take up about 1 megabyte of text data). The company found that a data cache of that size usually contains a mix of roughly 1,000 credit card numbers or login credentials for Web mail and online banking sites."
http://blog.washingtonpost.com/securityfix/2006/04/real_world_impact_of_internet_1.html

You can avoid all this by closing the preview and using other browsers.

Bob

Years ago when you bought your computer you could only buy software form the computer maker, there was no choice. Later when a choice became possible I and many other savvy administrators would buy software from many different sources. The primary reason was you could buy the best application for the job, the secondary reason was security. True it was sometimes a pain in the neck getting them to co-operate with each other but the up and coming hackers and virus writers had a harder time. I still hold by this philosophy, I removed all of outlook from my systems and use other email systems. There are many around like Eudora, Pegasus and Thunderbird, there are many more. None of these suffer from the same problems that Outlook does, they don't share microsoft code (another plus). I also have disabled IE, I've not found a way of removing it altogether as some software uses some of it's code ( not smart Adobe).

For a browser use Firefox or Opera, although they have flaws they are not as bad as IE and they are a smaller target.

By not using Microsoft applications it takes the Big Target off of your back. Sure it requires a little extra work but just think of losses and the work you'd have to do if you are hit by one of these malware attacks.