Which email attachments are safe to open?

Dennis Faas's picture

Infopackets Reader Polly B. writes:

" Dear Dennis,

I've downloaded and successfully installed Service Pack 2 onto my computer. The only complaint I have so far is that Outlook Express is so security tight, that a lot of the email messages I have put aside (with file attachments) now cannot be opened. I went in and took off the Outlook Express Security 'do not allow me to open potentially dangerous attachments' option, and now everything is OK. I felt safe in choosing to disable this 'security features' because I use Norton Security which blocks potentially malicious email attachments. My question to you is: am I correct in assuming this? "

My response:

Not necessarily so. Unless Norton blocks *every* email file attachment (which I'm assuming it does not based on the nature of your question) -- an operating system exploit may be able to bypass routine security measures, such as a Firewall or AntiVirus protection.

For example: a recent Operating System exploit was discovered (Jpeg Of Death) that could potentially execute malicious code on the victim's computer when viewing a JPG file image file. If an HTML email attachment came to you with an embedded / compromised JPG image file, and you chose to open it -- despite warnings -- the exploit might sneak right by you. [Just as a side note: the Jpeg Of Death exploit only affects machine that don't have XP Service Pack 2 installed, but this is just an example of what could happen if another exploit was to be discovered -- even with SP2 installed].

In short: the best way to stay protected when it comes to email attachments is to:

  • keep your system up to date
  • only open those which you specifically requested
  • But, even so, this isn't a 100% guarantee.

    Rate this article: 
    No votes yet