Which email attachments are safe to open?
- by Dennis Faas on 20041203 @ 12:32AM EST | google it | send to friends
- Filed under Security | (related terms: file, email, attachments, outlook express, open)
Gazette Reader Polly B. writes:
" Dear Dennis,
I've downloaded and successfully installed Service Pack 2 onto my computer. The only complaint I have so far is that Outlook Express is so security tight, that a lot of the email messages I have put aside (with file attachments) now cannot be opened. I went in and took off the Outlook Express Security 'do not allow me to open potentially dangerous attachments' option, and now everything is OK. I felt safe in choosing to disable this 'security features' because I use Norton Security which blocks potentially malicious email attachments. My question to you is: am I correct in assuming this? "
My response:
Not necessarily so. Unless Norton blocks *every* email file attachment (which I'm assuming it does not based on the nature of your question) -- an operating system exploit may be able to bypass routine security measures, such as a Firewall or AntiVirus protection.
For example: a recent Operating System exploit was discovered (Jpeg Of Death) that could potentially execute malicious code on the victim's computer when viewing a JPG file image file. If an HTML email attachment came to you with an embedded / compromised JPG image file, and you chose to open it -- despite warnings -- the exploit might sneak right by you. [Just as a side note: the Jpeg Of Death exploit only affects machine that don't have XP Service Pack 2 installed, but this is just an example of what could happen if another exploit was to be discovered -- even with SP2 installed].
In short: the best way to stay protected when it comes to email attachments is to:
- keep your system up to date
- only open those which you specifically requested
But, even so, this isn't a 100% guarantee.
