>-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >Behalf Of David Harley > >To be fair, the issue isn't really Word macro viruses: it's the fact that >they represent a class of objects where executable code is found in places >less obvious than a .EXE. A whitelisting solution that doesn't take them >into account is obviously less effective.
Whitelisting is fine as part of the solution, but it is obviously not appropriate for documents. Since the majority of industrial espionage attacks (via email) involve documents which exploit some bug in the executable which processes them, some other component is needed to cover this hole. No doubt there are also many other holes, which makes me wonder if the bank has really thought this through. Alex ----------------------------------------------- Alex Shipp Imagineer _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
