NorthNet logoNorthNet banner
NorthNetNorthNet
NorthNet
Sign Up


Pay your bill


Service Area


NorthNet Search


News & Weather


News 4U


Tech Support


HOME

NorthNet News





****************
NorthNet News
Issue 36
****************

MARCH WINNER - The winner of NorthNet's Three Free Months Contest for the month of March was Steve Kennison of Lowville.

The random drawing is held on the last day of each month and all residential NorthNet customers are eligible.

ACCESS WHILE TRAVELING - Will you be traveling out of the North Country for business or pleasure? MaGlobe can provide you with Internet access wherever you go, with local dialing from locations in USA, Canada, Europe, Australia, Asia and Africa for as little as $1.98 per hour.

It works like a pre-paid phone card: you purchase so many hours of use and MaGlobe gives you access to the Internet from thousands of locations all over the world. Once on the Internet you can do whatever you do from home; no other Internet service provider is required. There is no setup or monthly charge.

Check MaGlobe (http://www.maglobe.com) for details.

MIME - Microsoft has released a security bulletin http://www.microsoft.com/technet/security/bulletin/ms01-020.asp entitled "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment."

We urge everyone who uses Internet Explorer 5 to install this patch.

EML files are MIME multipart files that IE 5 will parse. There is a vulnerability allowing arbitrary code execution using this kind of file. This vulnerability could allow a hostile page or e-mail to perform any action on your computer. The vulnerability affects IE 5, IE 5.5 over all windows platforms.

What's a MIME type?

MIME is an acronym for Multipurpose Internet Mail Extensions. Its a widely used Internet standard for encoding binary files as e-mail attachments. When an e-mail contains a binary attachment, it must specify what type of file the attachment is, so the mail program can interpret it correctly.

In the case of this vulnerability, IE doesn't correctly handle certain types of fairly unusual MIME types. If an attacker created an e-mail message containing an executable attachment, and specified that it was one of these MIME types, IE would execute the attachment rather than prompting the user.

What would this vulnerability enable an attacker to do?

If an attacker created an e-mail that exploits this vulnerability, she could use it in an attempt to run the executable attachment on another user's computer. She could try to do this through either of two scenarios. First, she could host the HTML mail on her web site, and try to persuade the user to visit it. Second, she could send the email directly to the user.

What kind of actions could the attachment take if it ran?

The attachment would be able to take any action that the user himself could take, including reformatting the hard drive.

COMPUTER COURSES - Jim Crowley, of Crowley Computers in Ogdensburg, will be teaching Introduction to FrontPage 2000. This class will teach you how to develop and maintain your own web site. Also being taught is Introduction to Excel 2000. This is a class for those who desire to learn how to create a spreadsheet and present data from a spreadsheet.

Classes begin April 17 for Excel 2000 and April 19 for FrontPage 2000. If you would like to register for either class you may call Crowley Computers at 394-7008 or go to their web site at www.crowleycomputers.com

If you have any ideas for future classes you would like to see, please drop them an email at jerry@crowleycomputers.com

YOUR COMMENTS - We receive comments from you, our customers, on a regular basis. Here is one of the most recent remarks:

"I just wanted to let you know what an easy time I had signing up for your service. My previous server is having a TERRIBLE time lately with access and customer support. I take classes on-line and could not be patient any longer. (This has been happening for almost a month, they couldn't give me an answer as to how much longer it may go on.) I called your company and the operator was super answering my questions and discussing concerns. She signed me up right away and assisted me in getting my software fast. She definitely has people and phone skills. I think I am going to like this company. Thanks again - here is to a long relationship."
     Lori G., Malone

Previous Issue | Next Issue


Contact NorthNet | Page Top

Resources | Member Pages | About NorthNet | Check Your Mail


  © 2000, NorthNet Internet Services, Inc.
7 Commerce Lane, Canton, NY 13617
  Voice: 315-386-4569    Toll-free: 1-800-401-6954   
Fax: 315-379-9553