 |
|
| technology > computing |
![[CNN Money]](http://i.cnn.net/cnn/images/main/fn.logo.newsnet.gif){kind=logo}
![[SI.com]](http://i.cnn.net/cnn/images/main/si.logo.gif){kind=logo}
( | |
 |
|
| |
| |
EDITIONS: | |
MULTIMEDIA: | |
E-MAIL: |
Subscribe to one of our news e-mail lists. Enter your address: |
DISCUSSION: |
CNN WEB SITES: |
 |
TIME INC. SITES: |
CNN NETWORKS: |
|
SITE INFO: |
WEB SERVICES: |
ActiveX flaw can help spread viruses
|
(IDG) -- A flawed ActiveX control makes computers running Internet Explorer Version 5.0 or Microsoft Office 2000 vulnerable to virus infections on most e-mail systems even if users don't open infected attachments, according to a computer security think tank.
Bethesda, Md.-based SANS Institute revealed yesterday that default security settings on Explorer permit users to receive viruses and spread them by viewing or previewing malicious e-mail without actually opening an attachment or visiting a malicious Web site.
| MORE COMPUTING INTELLIGENCE |
IDG.net home page
|
| New weapons for battling hostile code |
| ActiveX control opens potential security hole |
| Survival tips for e-mail junkies |
| Reviews & in-depth info at IDG.net |
| Computerworld's home page |
| Subscribe to IDG.net's free daily newsletter for IT leaders |
The security hole is created by a flaw in an Explorer ActiveX control called scriptlet.typelib. While the hole can be closed in minutes using tools available on Microsoft's security site, simply updating antivirus tools isn't an effective solution, according to SANS.
"This is by far the fastest growing virus distribution program and ripe for a hugely destructive event ÷ at least as large as the 'I Love You' virus," warned SANS in a bulletin issued in its recent newsletter.
The correction script may be run directly from a page on Microsoft's Web site.
RELATED STORIES:
New e-mail virus may hurt worse than 'Love'
May 12, 2000
Security experts say hackers have the edge
May 11, 2000
I was bitten by the love bug
May 8, 2000
Reno announces new agency to fight Internet fraud
May 8, 2000
Experts say more legislation will not deter computer hackers
May 5, 2000
RELATED IDG.net STORIES:
ActiveX control opens potential security hole
Computerworld
New weapons for battling hostile code
Network World Fusion
Security firm warns of e-mail Web-jacking
IDG.net
Are you sure that you're secure?
Linuxworld
IE flaws show you can't even trust a 'secure' design
Infoworld
ActiveX security glitch found in Explorer 5.0
Computerworld
Hackers, IT consultants embrace free security tool
Computerworld
Survival tips for e-mail junkies
PC World
RELATED SITES:
SANS Institute
Microsoft's security site
Computerworld security forum
Note: Pages will open in a new browser windowExternal sites are not endorsed by CNN Interactive.