AW: annoying HTML postings
ld
jar5831 at localnet.com
Wed May 26 18:12:17 CEST 1999
Microsoft has posted several patches to fix java/security holes for its browsers,
Internet Explorer 4-5 and windows 95/98..go to their home www.microsoft.com..the
windows product update section to download and install them..as far as I know
Netscape 4.51 is up to date in this regard..of course if using netscape running
from win95/98 one should also install the win95/98 free security patches..
mbartkow at ET.PUT.Poznan.PL wrote:
> > There's no more risk of getting a virus with HTML mail - the only difference
> > with an HTML mail is that the message body MIME type is HTML rather than
> > plain text, and HTML formatting tags are used.
> > A virus would more easily pass on as a MIME attachment than something
> > embedded in HTML (eg Tom's Happy99.exe post ;-) )
>
> Unfortunatelly, sending as HTML increases the risk. Viruses may have a form
> of JavaScript and Java programs embeded in HTML documents. HTML-based readers
> attempt to execute them. Microsoft products are configured by default to run
> the scripts without warning. I know, what I am saying, I have already seen
> two examples of such behavior.
> In its assumptions, Java is thought of as a "safe" scripting language, i.e.
> the script is not allowed to write to disk etc. But it is not realized in
> MS's implementation. Under Win95/98 there is enough security holes to be
> completey unsafe. Be warned.
>
> regards,
>
> m.b.
>
> --
>
> Maciej Bartkowiak
> ========================================================================
> Institute of Electronics and Telecommunication fax: (+48 61) 8782572
> Poznan University of Technology phone: (+48 61) 8791016 int.171
> Piotrowo 3A email: mbartkow at et.put.poznan.pl
> 60-965 Poznan POLAND http://www.et.put.poznan.pl/~mbartkow
> ========================================================================
More information about the Synth-diy
mailing list