Yeah, but how many networks do you know that have custom IE security settings? Granted there are a few fixes for this, but to call exe's through java, you basically can do anything you want on that PC. I'm no code guru so I'm not aware of the capabilities, but it doesn't help with virus problems.
-----Original Message----- From: Rocky Stefano [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 28, 2002 12:28 PM To: Exchange Discussions Subject: RE: Exchange nightmares Scott that is not a vulnerability. Its called active scripting. If you turn it off then www.cnn.com won't load properly either. Its a common integration feature. If you want to disable it properly IE security should have been set-up properly to begin with. Change your internet zone security to HIGH and that page won't load jack other than fire off antivirus warning. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Williams Scott CTR Sent: Thursday, February 28, 2002 12:32 PM To: Exchange Discussions Subject: Exchange nightmares TECH BRIEFING Want To See Something Scary? I thought you might be interested in trying this and then see your hair stand out. When I tried it just now (Wednesday Feb 27, 11am) it still worked. It's real too, yikes. This web page opens up a DOS box on your computer. Someone really interested in destruction would be able to wreak havoc on everyone visiting them. Or, cracked sites might be equipped with this doozy on their home page and all their visitors just beheaded. I'm not sure how you could protect your users against this kind of attack. Suggestions anyone? http://www.w2knews.com/rd/rd.cfm?id=020228TB-Scary _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
