lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: rms at (Richard M. Smith)
Subject: Notepad popups in Internet Explorer and Outlook


Do Notepad popups represent a security risk or are they simply another
way for spammers and marketers to annoy us?  Because of a design flaw in
Internet Explorer, Notepad popup windows can be displayed from an HTML
email message or Web page regardless of browser security settings.  In
addition, Notepad popups can access files on a hard disk, possibilly
causing stability problems in a Windows saystem. 

For more details, see:

Question:  What kind of operating system allows an email message to
automatically start up a text editor to change a system file?

Richard M. Smith

Powered by blists - more mailing lists