Thanks Ron, that will suffice as a "fix" for now. Are you saying that when the Klez code changes the KWM window that its not doing anything "evil" in the backround? My concern was that browser change I was seeing upon previewing an infected message meant that the code was executing. Is it true that just by previewing, KWM is not running the virus and installing it onto my system?
Thanks again, Jim C. ---------- Original Message ---------------------------------- From: "Ron Hornbaker" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] Date: Tue, 7 May 2002 12:08:44 -0500 >Jim, > >The Klez code isn't doing in harm when it causes the window to refresh to >a page not found error, but I agree it's annoying. Our next release of KWM >will make the auto-preview feature an option. In the meantime, you can >turn off auto-preview using the instructions here: > > http://support.answertrack.com/?kb=865 > >-Ron > > >> -----Original Message----- >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jim >> Cohen >> Sent: Tuesday, May 07, 2002 11:40 AM >> To: [EMAIL PROTECTED] >> Subject: [imail] Klez virus problems >> >> >> I am having some trouble with the Klez virus. >> >> This is the first virus I've had cause problems with my Imail/KWM >> setup. Messages with the Klez code in them are executing if the >> message is shown in the preview pane. >> >> Upon an infected message starting to display in the preview pane, >> my browser then changes from the usual KWM layout into a single >> frameless window showing a page cannot be displayed message. >> >> Can someone explain how these are executing with no action (other >> than previewing the message) by the user? Is this exploiting >> Outlook (on my system but never used), Internet Explorer, Imail, >> or KWM? >> >> Any suggestions for patches, fixes, rules, etc. to solve this? We >> are a very small operation (less than 10 users) and can't afford >> Declude or Imail AV. We do use anti-virus software on the mail >> server and all clients, and its catching everything but these >> messages in KWM. If the same message is read in a webmail program >> (ie Oddpost) other than KWM, our AV software catches the virus as >> an infected attachment. >> >> I'd like Imail/KWM not to run things without getting an OK from >> the user, any suggestions for this as well? >> >> We are running Imail 7.06 with all hotfixes for that version, KWM >> 2.0.9, NT 4.0 Sp6a with all current updates. Also, the browsers >> we connect with are IE 5.5 Sp2 on Windows with all current >> security fixes. >> >> >> Thank you, >> Jim Cohen >> [EMAIL PROTECTED] > > > > > >__________________________________________________________________ ____ >The HKSI-IMail Admin List is hosted by........ Humankind Systems, Inc. >Questions, Comments or Complain like Hell.. mailto:[EMAIL PROTECTED] >Message Archive... http://www.tallylist.com/archives/index.cfm/mlist.4 >To Manage your Subscription......... http://humankindsystems.com/lists > ______________________________________________________________________ The HKSI-IMail Admin List is hosted by........ Humankind Systems, Inc. Questions, Comments or Complain like Hell.. mailto:[EMAIL PROTECTED] Message Archive... http://www.tallylist.com/archives/index.cfm/mlist.4 To Manage your Subscription......... http://humankindsystems.com/lists
