VIRUS Alert

Stephen Birkett sbirkett@real.uwaterloo.ca
Tue, 26 Mar 2002 09:43:01 -0500



On Tue, 26 Mar 2002, Robert Scott wrote:
> No, the attachment must be opened to infect the system.  But it can happen 
> automatically, without your deciding to do so if your e-mail program is 
> configured to open certain MIME headers automatically.  Internet Explorer, 
> unfortunately, is configured this way by default, but it can be changed.  I 
> don't think Eudora has this problem.

That was my point. There is no need for it to be *explicitly* opened by
the user, and there is no indication when your mail system has done this.

Here's a little MS horror story on this.

I successfully removed the badtrans which I acquired from
RPT Mr Owen last night [when unfortunately my anti-virus software was 
de-activated]...no damage, no problem.

I haven't been so lucky with Microsoft Corporation in the past. In order
to repair the security fault with Outlook Express [the one which allows
the badtrans worm into the system] I had to download and install [cannot
be uninstalled either once installed] the "System Pack 2 update" for
Windows 2000 directly from Microsoft downloads [17 MB]. It's not that this
contained the security fix, rather you can't install the security fix
without the system pack 2 update. Microsoft is better than any virus here,
and my system was completely unusable after installing the update -
couldn't re-boot, couldn't get into the disk, nothing. The only way to fix
it was to transplant the disk to another computer and download the file
system, then re-format the drive and re-install Windows 2000...without the
system pack 2 update, and consequently without the security fix, which is
why my system was vulnerable to Mr RPT Owen's message. So, when Microsoft
claim to be on top of security issues, don't believe them [not that you
should ever believe anything that that company tells anyone].

It's a moot point whether the badtrans worm can "open without being
opened". For all intents and purposes this is exactly what it does on many
systems. I would wager some good money, Newton, that you have it, based on
what you describe happened yesterday for you. Best to check out your
system. What's your mail system?

Stephen

This PTG archive page provided courtesy of Moy Piano Service, LLC