Re: BCC email virus

From: John Daniele (johnd@tsintel.com)
Date: 01/30/02


Date: Wed, 30 Jan 2002 10:10:26 -0500 (EST)
From: John Daniele <johnd@tsintel.com>
To: Meritt James <meritt_james@bah.com>


Heh, I guess I didn't read the thread previous to yours.. IMO, that's
exactly what you should do. Uninterpreted plaintext can rarely hurt you!

:-)

----------------------------------
John Daniele
Technical Security & Intelligence
Toronto, ON
Voice: (416) 605-2041
Email: johnd@tsintel.com
Web: http://www.tsintel.com
----------------------------------

On Wed, 30 Jan 2002, Meritt James wrote:

> So why not simply disable the association to interpreters (including
> VBS, of course) and modifying the configuration of your whatever reader
> not to do that?
>
> John Daniele wrote:
> >
> > > Why just don't run emailed executables?
> >
> > Because for as long as you are running an email client that interprets
> > vb/java/lotus/*scripting code, you are at risk. There have been cases
> > where executable code is automatically run simply by clicking on the
> > message as opposed to running it manually. I've also seen one one case
> > where the executable was executed accidently by buggy code implemented
> > as a part of the email client's export-attachment function.
> >
> > ----------------------------------
> > John Daniele
> > Technical Security & Intelligence
> > Toronto, ON
> > Voice: (416) 605-2041
> > Email: johnd@tsintel.com
> > Web: http://www.tsintel.com
> > ----------------------------------
>
> --
> James W. Meritt CISSP, CISA
> Booz | Allen | Hamilton
> phone: (410) 684-6566
>