Wirt writes:
> I've simply made it policy here that no one opens any file that has any form
> of extension other than .txt or .jpg, .gif, etc. I know of no way that these
> sorts of files can do you any possible harm, but opening an .exe, .vbs, etc.
> (or even a .doc) file from someone you don't know is just plain foolish
> nowadays.

Unfortunately, there are two things here which do not go far enough.
The more obvious one involves opening an exe, etc., from "someone you
don't know." Of course, that's how the Melissa virus/worm spread so fast;
people opened the attachment because it was from someone they knew.

Unfortunately, the .jpg policy doesn't go far enough either. NEWS.COM
reported last month of Yet Another Vulnerability of Lookout (er, Outlook)
Express:

The new vulnerability works through a series of disguises, Levy said. First,
the malicious program is converted into a Microsoft archive format called a
"cab" file. Then, the cab file is renamed with an extension of a file type
that Outlook isn't concerned with (such as "jpg," "mov," or "txt"), then
emailed as an attachment.

When the victim clicks on the attachment, the cab file is decompressed and
its contents saved to a specific location. The last stage occurs when a
Javascript program in the email then can execute the potentially malicious
program that was contained in the cab file.

The full story is at
<http://news.cnet.com/news/0-1003-200-1432242.html>

FWIW.
--Glenn
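
An added example, not part of the original message: a mail-filter style check that compares an attachment's claimed extension with its leading bytes, so that a cab archive renamed to .jpg or .txt is blocked. The function names, the allow list and the sample attachments are assumptions constructed for illustration.

```python
import os

# Leading-byte signatures; "MSCF" marks a Microsoft cabinet (cab) archive.
SIGNATURES = [
    (b"MSCF", "cab"),
    (b"MZ", "exe"),
    (b"\xff\xd8\xff", "jpg"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
]

# Hypothetical allow list: extension -> content type the bytes must show.
EXPECTED = {".jpg": "jpg", ".jpeg": "jpg", ".gif": "gif", ".txt": "text"}


def sniff(data: bytes) -> str:
    """Classify content by its first bytes, ignoring the file name."""
    for magic, kind in SIGNATURES:
        if data.startswith(magic):
            return kind
    # No known signature: call it text only if the first 512 bytes have no NUL.
    return "text" if b"\x00" not in data[:512] else "unknown"


def check_attachment(filename: str, data: bytes):
    """Return (verdict, reason); verdict is 'allow' or 'block'."""
    ext = os.path.splitext(filename)[1].lower()
    expected = EXPECTED.get(ext)
    if expected is None:
        return ("block", f"extension {ext or '(none)'} is not on the allow list")
    actual = sniff(data)
    if actual != expected:
        return ("block", f"{ext} attachment actually contains {actual} data")
    return ("allow", f"{ext} matches its content")


if __name__ == "__main__":
    # Constructed sample attachments (header bytes only, no real payloads).
    samples = [
        ("holiday.jpg", b"MSCF\x00\x00\x00\x00" + b"\x00" * 28),
        ("photo.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"),
        ("readme.txt", b"MSCF\x00\x00\x00\x00" + b"\x00" * 28),
        ("notes.txt", b"Meeting moved to 3pm.\n"),
        ("clip.mov", b"MSCF\x00\x00\x00\x00"),
    ]
    for name, body in samples:
        print(name, *check_attachment(name, body))
```
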