If you use Outlook express you need to be a little more cognizant of the virus dangers than using Netscape. For some reason, Virus people like to attack Microsoft's programs a little more aggressively than other companies programs. It could be that microsoft delivers tools that have security holes in them and people are more inclined to take advantage of them. This is only one reason why we recommend netscape. Please note that these security problems can also affect Netscape if they use the same technology, but usually Netscape is quick to release an upgrade to avoid the problem. Below is an article pulled from the excite news feed.
Eden
Researchers grapple with 'BubbleBoy' virus
Updated 2:40 PM ET November 9, 1999
By Jim Kerstetter, PC Week
Prepare to unlearn everything you've learned about computer viruses.
An anonymous virus writer who is apparently an avid "Seinfeld"
fan has created a virus
-- actually a self-replicating worm -- that can spread itself
through a user's Microsoft
Corp. Outlook or Outlook Express client.
The worm, called "BubbleBoy" in an apparent reference
to a "Seinfeld" episode, is unlike
anything that anti-virus software vendors have seen to this point.
It doesn't rely on an
attachment. Instead, all a user has to do is open an e-mail.
An embedded Visual Basic
Script command attaches itself to the Outlook address book and
mails the e-mail to
everyone in the address list.
"Historically, anti-virus vendors have always told users,
'If you don't open the attachment,
you won't have a problem,'" said Sal Viveros, marketing
manager for Total Virus Defense
at Network Associates Inc. in Santa Clara, Calif. "This
changes that."
For Outlook Express users, it's particularly troubling. Simply
using the preview function
of Outlook Express will allow the worm to replicate.
Still, BubbleBoy is considered low risk by most anti-virus
software vendors, including
Network Associates, Symantec Corp., Computer Associates International
Inc. and Trend
Micro Corp., because it hasn't been reported by any customers.
Besides being a nuisance,
it doesn't carry with it any code that could damage someone's
computer.
Not entirely unexpected
Someone thought to be the virus writer, most likely in an
effort to gain attention, sent
BubbleBoy to anti-virus companies and posted it on several Web
sites Monday night.
Anti-virus vendors worry that this could
be a harbinger of some very nasty things to
come. Last month, researchers at the Virus Bulletin conference
in Vancouver speculated
that something like BubbleBoy could be created. And just a few
days ago, a posting on
several security sites explained how it could be done, said Dan
Schrader, vice president of
new technology at Trend Micro in Cupertino, Calif.
It wouldn't be difficult, Schrader said, for virus writers
to release something like
BubbleBoy into the wild and attach a malicious payload to the
VBS program.
"It's interesting. And it's scary. And it's quite powerful,"
he said. But, Schrader added, it
isn't in the wild quite yet, and most anti-virus vendors should
have it added to their virus
definition lists by the end of the day.
BubbleBoy requires Internet Explorer
5.0 with Windows Scripting Host installed, which
is standard on Windows 98 and Windows 2000. It doesn't run on
Windows NT or on
the default settings of Windows 95. Setting
IE 5.0 to its maximum security setting would
prevent it from doing anything.
Very droll
Users won't know they have been infected until the initial
e-mail blast. After that, the
worm changes the registered owner to BubbleBoy and the organization
to "Vandelay
Industries."
The body of the message simply says, "The BubbleBoy incident, pictures and sounds."
Vandelay Industries, like the BubbleBoy who met an untimely
end during a tense game
of Trivial Pursuit, was a long-running joke on "Seinfeld."
George, Jerry's
often-unemployed sidekick, was fond of saying he worked for the
fictitious Vandelay
Industries.
The BubbleBoy worm may be taking advantage of a Microsoft
security hole for which
there is a patch.
Symantec anti-virus researchers in Santa
Monica, Calif., are trying to determine if
BubbleBoy is taking advantage of an IE 5.0 security flaw discovered
in August. In a
security bulletin dated August 31, Microsoft posted a patch that
eliminates the security
vulnerabilities in two Active X controls of IE 5.0. The net effect
of the vulnerabilities,
according to Microsoft, was that a Web page could take control
of a user's computer
without the user knowing it. The patch is available at windowsupdate.microsoft.com.
Researchers add that BubbleBoy is further proof that, as anti-virus
technology improves,
virus writers are getting smarter, particularly when it comes
to VBS.
"BubbleBoy in of itself is not very dangerous,"
said Narender Mangalam, director of
security products at Computer Associates in Islandia, NY. "The
reason we are all very
interested in this is because it is a proof of concept."