Take a gander at the following code.
I c&p'd it from an HTML-formatted message.
Tell me what it does (then I'll tell you if you are correct).
<SCRIPT language=JavaScript>
<!--
window.open('http://images.free4all.com/pop.html','').blur();
window.focus();
-->
</SCRIPT>
Apart from being really annoying, the obvious risk is that the site that is
opened might contain malicious code that could exploit vulnerabilities not
patched on the box that opens to them. I've taken the precursory step of
disabling Scripting: Active Scripting in OL2k. I'm looking thru the
bulletins to make certain our clients are running under all relevant
patches. AV defs are up-to-date at all levels.
What else might those Gnostics in security minutia recommend..?
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
