Far be it from me to defend Microsoft of course, but it's really solely an integration issue as much as it's just poor security design in what the browser allows on a system wide scale, permissions, etc. If an unprivelaged user can make privelaged system calls within IE, Outlook, ActiveX, VB, etc., then there's an underlying security problem in the OS itself that needs plugging, regardless of integration. BUT, I know what you're saying, having a secureless IE (as many people's main net communication transport) makes it that much more easy to exploit those vulnerabilities. The bastards... :)
VSW
On Sun, 1 Aug 2004 12:26:49 -0400, Steven Buehler wrote:
> Sad part is, virii like this were practically unheard of until
> Microschmuck decided to integrate Internet Explorer into the
> operating system.
>
> SWB
>
> Steven W. Buehler | <swbuehler@yahoo.com/steven@sanctuaryweb.org>
> Yahoo! Messenger: swbuehler . AOL Instant Messenger:
> StevenBuehlerFL . MSN Messenger: stevenwbuehler@msn.com . ICQ:
> 3565750
> Personal Home Page: <http://www.sanctuaryweb.org> . Music Page:
> <http://renaitre.iuma.com>
>
> -----Original Message-----
> From: Eben King [mailto:eben1@tampabay.rr.com]
> Sent: Sunday, August 01, 2004 11:21 AM
> To: slug@nks.net
> Subject: Re: [SLUG] I told them . . .
>
> On Sun, 1 Aug 2004, Pete S. wrote:
>
>> R.G. Mayhue wrote:
>>
>>> On Saturday 31 July 2004 07:35 pm, Ronald KA4INM Youvan wrote:
>>>
>>>
>>>>> Dear user ka4inm@tampabay.rr.com,
>>>>>
>>>>> We have found that your e-mail account was used to send a
>>>>> huge amount of nsolicited e-mail messages during this week.
>>>>>
>
>>>> I don't think this is possible, and I don't think your advise
>>>> can
>>>>
> help
>>>> me, I have NO Micro$oft products in my home,
>>>>
>>> This message was sent to you by a worm.
>>>
>> Common virus/worm designs currently replicate by first infecting a
>>
> ^
> MS Outlook; I think Outlook (and OE) is the only email client that
> automatically executes (if you display the preview pane) scripts in
> email messages.
>
>> computer, searching that PC for all of the listed contacts/e-
>> mails, then using it's own SMTP engine, send e-mails from that PC
>> to other PCs, using "spoofed" e-mail address...
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 14:11:52 EDT