So why not simply disable the association to interpreters (including VBS, of course) and modifying the configuration of your whatever reader not to do that?
John Daniele wrote: > > > Why just don't run emailed executables? > > Because for as long as you are running an email client that interprets > vb/java/lotus/*scripting code, you are at risk. There have been cases > where executable code is automatically run simply by clicking on the > message as opposed to running it manually. I've also seen one one case > where the executable was executed accidently by buggy code implemented > as a part of the email client's export-attachment function. > > ---------------------------------- > John Daniele > Technical Security & Intelligence > Toronto, ON > Voice: (416) 605-2041 > Email: [EMAIL PROTECTED] > Web: http://www.tsintel.com > ---------------------------------- -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566
