> Aren't the browser-enhancement scripts written in the same language
> (VBS) that was used by the Love Bug virus.
Yes, or JavaScript - there's no functional difference, really.
> If so, couldn't such a virus be distributed and *invoked* by merely
> accessing a web page with an enhanced browser?
No, not necessarily. Browsers execute scripts on remote servers with a lower
level of trust than do email clients, and that's really the big problem. By
default, most scriptable email clients treat scripts as if they were run
from the local filesystem, because that's where they are - the email with
the script has already been downloaded and saved into the filesystem. On the
other hand, browsers don't generally do that.
> This would be much more insidious than an email-distributed virus
> where the user must invoke the virus.
>
> I have several clients who are considering enhanced browsers for
> content creation... would they be putting themselves at risk?
>
> Is there a way to avail yourself of enhanced browser features without
> exposing yourself to hackers/viruses?
When you say an "advanced browser", what exactly do you mean? IE 4+ on
Windows, or something more?
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
