On the heels of a recent "Trojan Horse" advisory, Stanford's computer security officer warns computer users to exercise caution in running programs to be executed via e-mail.
"If anyone sends you a message that says 'Click here' don't do it unless you're very, very certain the message is legitimate and from a trusted source," said Stephen Hansen. When in doubt, call the security office at 723-1058.
Trojan Horses rely on users to install them, or they can be installed by intruders who have gained unauthorized access by other means, Hansen said. Thus, an intruder attempting to subvert a system using a Trojan Horse relies on other users running the Trojan Horse to be successful. A Trojan Horse is different from a virus because "it wasn't there to replicate itself," Hansen said. "It uses your connection to attack another machine."
He estimates his office receives six
to 12 advisories each month. The latest involved an alleged free
upgrade to the Microsoft Internet Explorer web browser. The
security office received confirmation from Microsoft Corp. that it
does not provide "patches" or upgrades via e-mail, although it does
distribute security bulletins through e-mail. SR