Protect against email viruses

last revision August 10, 2004

Suggestions to secure your Windows PC:
  1. Use strong passwords
  2. Install security patches
  3. Share files correctly
  4. Use anti-virus software
  5. Protect against email viruses
  6. Install PCLeland
  7. Minimize open network services
  8. Run a security analyzer
  9. Do regular backups
  10. Apply special Windows XP fixes

Email viruses generally spread as attachments to email messages. Some exploit bugs in Windows and its email programs to automatically install themselves on your computer. Most try to trick you into opening the attachment, which will run the virus and install it on your computer. email viruses automatically send themselves to other email addresses found in your address book and saved email. Many email viruses also install "back-door" programs that let hackers take control of your computer.

Installing and configuring Norton Anti-Virus to examine all your incoming email messages will go a long way toward guarding your computer against infection with email viruses, but it is not enough. The LiveUpdate feature that allows Norton to recognize new email viruses necessarily lags a few days behind the initial release of a new virus on the Internet. There are two very important steps that you must take in addition to using Norton.

  1. Never open an attachment to an email message unless you are expecting the attachment, or you have queried the sender to verify that he really intended to send it.

    Email viruses try to trick you into opening them by appearing to be sent from your friends or colleagues for your personal attention. Please resist the urge to open the latest "funny photo" that appears to be from your friend, or the unexpected "spreadsheet" that is supposedly sent for your comments. Check with the supposed sender first that these are legitimate.

  2. Do not use Microsoft Outlook or Outlook Express as your email client. This may sound like a ridiculous suggestion, because these programs come pre-installed on your computer and have many nice features. But they are the specific target of the email virus writers, who take advantage of bugs in these programs to infect your system. The SANS (Sysadmin, Audit, Network, Security) Institute has determined that use of Outlook and Outlook Express is one of the top ten security vulnerabilities in the Windows operating system.

    The tight integration of Outlook and Outlook Express with Internet Explorer and the Windows operating system itself, means that email viruses can exploit bugs not only in Outlook, but also in Internet Explorer and Windows, to spread themselves. These bugs often allow the email virus to infect your computer as soon as it is downloaded, even if you do not open the email or its attachment.

    Every time a new Outlook bug is discovered, Microsoft will eventually release a patch to solve the problem, but meanwhile you could easily be infected by an email virus sent to you, without even realizing it.

    Eudora Pro is the supported PC email program on campus and can be downloaded from the Essential Stanford Software web site. Because it is not integrated with Internet Explorer and Windows, it is generally immune to the automatic spread of email viruses. Of course, you still must refrain from deliberately opening suspicious email attachments even if you are using Eudora Pro.

    If you must use Outlook or Outlook Express, take these precautions:

    • Configure your version of Windows to automatically check for new critical updates on a daily basis, and automatically download and install them where possible (Windows 2000, XP, and 2003).
    • Disable the Message Preview Pane in Outlook or Outlook Express. This feature has had numerous bugs that allow email virus attachments to run on your computer automatically, even though you do not open the attachment. Click on the menu item View -> Layout, and UNcheck the Show preview pane option.
    • Tighten the security settings in Outlook and Outlook Express associated with incoming email. Click on the menu item Select Tools -> Options, and then click on the Security tab. Click on the Restricted sites zone (More secure) radio button, and then manually adjust the setting to high security. Click on the Apply and OK buttons to make this setting take effect.

Comments or Questions?