Re: BCC email virus

From: Meritt James (meritt_james@bah.com)
Date: 01/30/02


Date: Wed, 30 Jan 2002 09:04:24 -0500
From: "Meritt James" <meritt_james@bah.com>
To: John Daniele <johnd@tsintel.com>

So why not simply disable the association to interpreters (including
VBS, of course) and modifying the configuration of your whatever reader
not to do that?

John Daniele wrote:
>
> > Why just don't run emailed executables?
>
> Because for as long as you are running an email client that interprets
> vb/java/lotus/*scripting code, you are at risk. There have been cases
> where executable code is automatically run simply by clicking on the
> message as opposed to running it manually. I've also seen one one case
> where the executable was executed accidently by buggy code implemented
> as a part of the email client's export-attachment function.
>
> ----------------------------------
> John Daniele
> Technical Security & Intelligence
> Toronto, ON
> Voice: (416) 605-2041
> Email: johnd@tsintel.com
> Web: http://www.tsintel.com
> ----------------------------------

-- 
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566



Relevant Pages

  • Re: BCC email virus
    ... John Daniele wrote: ... >> So why not simply disable the association to interpreters (including ... >>> where executable code is automatically run simply by clicking on the ... >>> Toronto, ON ...
    (Security-Basics)
  • Re: BCC email virus
    ... John Daniele wrote: ... >> Why just don't run emailed executables? ... > Because for as long as you are running an email client that interprets ... > where executable code is automatically run simply by clicking on the ...
    (Security-Basics)
  • Re: BCC email virus
    ... > So why not simply disable the association to interpreters (including ... >>> Why just don't run emailed executables? ... >> Because for as long as you are running an email client that interprets ... >> where executable code is automatically run simply by clicking on the ...
    (Security-Basics)