Heh, I guess I didn't read the thread previous to yours.. IMO, that's exactly what you should do. Uninterpreted plaintext can rarely hurt you!
:-) ---------------------------------- John Daniele Technical Security & Intelligence Toronto, ON Voice: (416) 605-2041 Email: [EMAIL PROTECTED] Web: http://www.tsintel.com ---------------------------------- On Wed, 30 Jan 2002, Meritt James wrote: > So why not simply disable the association to interpreters (including > VBS, of course) and modifying the configuration of your whatever reader > not to do that? > > John Daniele wrote: > > > > > Why just don't run emailed executables? > > > > Because for as long as you are running an email client that interprets > > vb/java/lotus/*scripting code, you are at risk. There have been cases > > where executable code is automatically run simply by clicking on the > > message as opposed to running it manually. I've also seen one one case > > where the executable was executed accidently by buggy code implemented > > as a part of the email client's export-attachment function. > > > > ---------------------------------- > > John Daniele > > Technical Security & Intelligence > > Toronto, ON > > Voice: (416) 605-2041 > > Email: [EMAIL PROTECTED] > > Web: http://www.tsintel.com > > ---------------------------------- > > -- > James W. Meritt CISSP, CISA > Booz | Allen | Hamilton > phone: (410) 684-6566 >
