Re: BCC email virus

From: John Daniele (johnd@tsintel.com)
Date: 01/30/02


Date: Tue, 29 Jan 2002 20:04:25 -0500 (EST)
From: John Daniele <johnd@tsintel.com>
To: Meritt James <meritt_james@bah.com>


> Why just don't run emailed executables?

Because for as long as you are running an email client that interprets
vb/java/lotus/*scripting code, you are at risk. There have been cases
where executable code is automatically run simply by clicking on the
message as opposed to running it manually. I've also seen one one case
where the executable was executed accidently by buggy code implemented
as a part of the email client's export-attachment function.

----------------------------------
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice: (416) 605-2041
Email: johnd@tsintel.com
Web: http://www.tsintel.com
----------------------------------



Relevant Pages

  • Re: BCC email virus
    ... > So why not simply disable the association to interpreters (including ... >>> Why just don't run emailed executables? ... >> Because for as long as you are running an email client that interprets ... >> where executable code is automatically run simply by clicking on the ...
    (Security-Basics)
  • Re: BCC email virus
    ... John Daniele wrote: ... >> Why just don't run emailed executables? ... > Because for as long as you are running an email client that interprets ... > where executable code is automatically run simply by clicking on the ...
    (Security-Basics)
  • Re: [PHP] Out source files
    ... if someone exploit a vulnerability of php or apache?". ... Your job is to reduce risk, ... Apache servers for each group, with their own user running Apache, so ... Store the executables on a DIFFERENT box, with, perhaps, only root and ...
    (php.general)
  • Re: Copying database instance from one server to another
    ... you do run into the risk ... of underlying system library changes that can "get you" if the ... executables are not linked on the specific OS environment you are ... oras, dbfs) to see if that resolves the problem. ...
    (comp.databases.oracle.server)
  • Re: see this cristmas card - *NOT SPAM*
    ... All executables are a risk but that's not the question. ... The question is whether or not it is spam. ... The Real Truth http://pcbutts1-therealtruth.blogspot.com/ ...
    (microsoft.public.windowsxp.general)