E-Mail-Borne Virus Danger Detected, Fixed
- By Scott Bekker
Microsoft has released a patch that eliminates a vulnerability that could allow a malicious user to embed an unsafe executable application within an e-mail message and disguise it as a safe type of attachment. The unsafe executable could then be made to execute if the user opened the attachment.
A particular ActiveX control allows cabinet files to be launched and executed. This could allow an HTML e-mail message to contain a malicious cabinet file, disguised as a file of an innocuous type -- such as .jpg, .gif, or .txt. If a user attempted to open this file, the operation would fail, but could leave a copy of the file in a known location. The ActiveX control could then be used via a script embedded in the mail to launch the copy, thereby executing the malicious code.
The affected AcitveX control ships as part of Microsoft Internet Explorer 4 and 5. The patch is available at http://windowsupdate.microsoft.com.
Scott Bekker is editor in chief of Redmond Channel Partner magazine.