Dumb Anti-Virus programs [was RE: NOT GOOD: Outlook Express 6 + Internet Explorer 6]
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: Fri, 2 Apr 2004 15:18:25 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
I cannot correct faulty anti-virus software which decides that text in a plain-text email is, instead, HTML.
I cannot correct faulty anti-virus software which decides that some text in a plain-text email is HTML script, despite it not being script at all due to the object tag being replaced with the word xbject.
I cannot correct faulty anti-virus software which looks for HTML exploits in text/plain email messages.
I can assure you that you didn't get a virus from NTBugtraq.
I can assure you that http-equiv's .chm exploit string has been put into numerous AV products as an exploit. I've run it numerous times.
I can assure you that anything you get from NTBugtraq should be treated as hostile! If you lack sufficient expertise to know how to protect yourself (and your network/company) from a malicious demonstration, or from being pointed to a site which is exploiting people, then do not follow any links provided in NTBugtraq messages, including those to my site!
If you want to see a message your AV has stopped, feel free to look at the NTBugtraq on-line web archives at http://www.ntbugtraq.com/archives
Russ - NTBugtraq Editor
NTBugtraq Editor's Note:
Wondering how to unsubscribe from NTBugtraq? Just send a message to Listserv@listserv.ntbugtraq.com with unsubscribe ntbugtraq in the message body, you don't need a subject line. If it says you aren't subscribed, you've either subscribed with a different email address or your address has changed somehow. Just email Russ.Cooper@rc.on.ca and I'll remove you.