I assumed it was just a test of my computer so I wasn't too concerned. If I
had received it from someone completely unknown to me - not that I know you,
Jay, personally - I would have been more concerned.
I do think it was improper to just spring it on the mailing list though. I
would have probably clicked on a weblink to check it out as I am concerned
about my computer privacy and security.
I guess I'm not as computer savvy as you because the script you included is
a bit beyond my abilities and means little to me. I'm sure others less
capable that I are even more befuddled or concerned. I also do not know what
"Windows Scripting Host" is. I wonder if this test program would have made
it to the recipients if Topica didn't allow attachments. I dislike that list
moderators have no way to allow or deny file attacjments when operating in
Topica.
I send and receive email with Outlook "Depress" and what I saw when your
message arrived in my mailbox was a small automated pop-up window asking me
to test Internet Explorer. I had no other option but to click on the "OK"
button as the "delete message" or other functions were disabled by the email
message. After I clicked on "OK", another slightly larger window popped up
and displayed four lines of what appeared to be Windows registry regarding
my computer's audio software. I did not see a "notepad" text document.
I have not found a suitable email program other than Outlook Depress. I
dislike Netscape Composer (especally when attempting to display and forward
full message headers) and last time I tried Eudora I couldn't believe that
such a highly regarded email program made it so hard, or impossible, to
display full message headers altogether. I have searched for a suitable
replacement of OE but haven't found one to my liking yet. If anyone has any
suggestions regarding alternate email software, I'd appreciate hearing them.
So, bottom line is, I personally did not appreciate having this test sprung
upon me and having no option but to deal with it. I could not delete the
message without going through the test and that is improper in my
estimation. I would have much rather been shown a link to check it on a
website with a text description of what it does and what benefit it might
be.
Bill
----- Original Message -----
From: Jay Daniels <[EMAIL PROTECTED]>
> The script does nothing really, it only reads and displays the
autoexec.bat
> file, if you have one. And only if you view with ie/outlook AND have wsh
> enabled.
>
> It is just what it says, a TEST to see if your computer is vulnerable to
> this exploit. If you have all the above and you saw an alert box
> containing your autoexec.bat file then you may need to disable whs and
java
> until you fix the problem.
> I included the script ENCLOSED in comment inside the body of this message
> so you can see that it actually does nothing but read the file
> (GetObject)and display an alert box. You may have to view source of
> message to see it.
> <!--
> <SCRIPT>
> I am sending this message in plain text, but your mail program may display
> it differently. There is no way reading a text file should cause any
> problems, unless you have memory problems with your system or some other
> device conflict. Anyway, it's nothing to do with the getobject script.
> Solution: disable java script, and WSH (Windows Scripting Host) or be
very
> very careful when using ie or outlook. Better idea? Use Netscape or
Opera
> along with a plain text mail program or Eudora.
>
> Eudora or the list server at topica seems to have removed the script from
> the message I received.
>
> To test your system go here using ie (does not work with Netscape)...
> http://pcnn.virtualave.net/ietest.html
----
blog: http://theMezz.com/informant/blog/
post: [EMAIL PROTECTED]
url: http://theMezz.com/informant
forum: http://theMezz.com/bbs
subscribe: [EMAIL PROTECTED]
unsubscribe: [EMAIL PROTECTED]
digest: [EMAIL PROTECTED]
notDigest: [EMAIL PROTECTED]
___________________________________________________________
T O P I C A http://www.topica.com/t/17
Newsletters, Tips and Discussions on Your Favorite Topics
