UNH T2 Center Header

Virus Update: File Attachment Rules

by Martin England, 
UNH Computing & Information Services

    E-mail file attachments frequently carry dangerous virus, variant, and Trojan horse payloads. They are a leading cause of computer virus infections. E-mail recipients should apply the following practices when receiving e-mail fitted with attachments: 
  1. Setup Windows to show file extensions. (For Windows XP, follow this path: Control Panel>Performance and Maintenance>File Types. Click on the ‘View’ tab. Uncheck ‘Hide Extensions For Known File Types’ box. Visit www.Microsoft.com for information on how to show file extensions on other Windows environments).
  2. Never open any attachment you are not completely familiar with. Always contact the sender to ensure they (a) sent the attachment and (b) checked the file for viruses before sending it. 
  3. Once confirmed with the sender, save the file to disk. Scan the file for viruses before opening. 
  4. Never double-click on an attachment with a two-name file extension, for example Harold.jpeg.pif or Maude.doc.scr. Important: Windows-based machines not set up to view file extensions will not show the second extension. The second extension controls which program opens the attachment; in the previous examples, the doc.scr file is handled the same way as a .scr file, and jpg.pif runs as a .pif file. Both of these extensions are known to contain dangerous payloads.
  5. Files with three file extensions are just as dangerous. Clients using Microsoft Outlook Express should be wary: the program uses the last file extension name to determine the appropriate icon, but the second file extension rule still applies. Beware of three-name extension files. 

Prevention

UNH CIS recommends adhering to the following practices in order to safeguard machines from virus attacks:

  1. Install and update virus protection on all desktop and laptop machines. UNH recommends McAfee VirusScan for their faculty, staff, and students. 
  2. Update Microsoft Security Patches on a regular basis. To check for the latest updates (Windows 98 or higher only), type windowsupdate.mircososoft.com into the Address (IE) or location (Netscape) browser bar and follow instructions. 
  3. MS IE 6.0 clients only: Download and install the latest VirusScan Service Pack 1. Check with local IT support groups if uncertainty exists on how to download and install this file.
  4. Do not open any e-mail attachments from unknown sources. The majority of viruses spread through the use of attachments, and play upon people’s vulnerability of familiarity. If you are not certain whether an attached file is free of malicious content, do not open it, and contact the sender by phone to ask whether the sender is certain it is a clean file.
  5. Clients using HTML formatted e-mail should turn off the Preview Pane, located under the MS Outlook View menu. 
  6. Backup important files onto external sources, such as zip drives, CD-RW, CD-R, floppy diskettes, and other computers. 

For more information on viruses, virus software and protection, please visit www.virus.unh.edu
 

Source:
England, Martin, Signals, Computing and Information Services Vol 2, no 5 pages 1 & 7 http://www.unh.edu/signals/
Woody’s Office Watch http://office-watch.com/

return to Spring 2003