Take a gander at the following code. I c&p'd it from an HTML-formatted message. Tell me what it does (then I'll tell you if you are correct).
<SCRIPT language=JavaScript> <!-- window.open('http://images.free4all.com/pop.html','').blur(); window.focus(); --> </SCRIPT> Apart from being really annoying, the obvious risk is that the site that is opened might contain malicious code that could exploit vulnerabilities not patched on the box that opens to them. I've taken the precursory step of disabling Scripting: Active Scripting in OL2k. I'm looking thru the bulletins to make certain our clients are running under all relevant patches. AV defs are up-to-date at all levels. What else might those Gnostics in security minutia recommend..? _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]