| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040105111506.92176.qmail@web21506.mail.yahoo.com> From: bisley110 at yahoo.co.uk (John Bisley) Subject: Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV Hi All Can anyone out there clear the FUD and speak to the less Web Savvy (like me) - I set up up a quarantine system (although still with Internet connectivity) to run the exe-cute-html but this didn't 'appear' to do anything other than display the "JUNKWARE" text. i.e. I downloaded the zip and extracted the html and then I double-clicked on the html file so that IE(5.5) would run it. So I presume it would be running the html from the MyComputer zone - but I didn't get a dialog box or anything. I'm mostly interested in whether this is a big risk to the company. I'm willing to believe that users can be fooled into downloading html and opening it locally (e.g. if they think that they are downloading a useful report), but then, they can probably be fooled into downloading an exe and running it... So am I simply looking at continued Security Awareness briefings (or more draconian download restrictions) or is there a greater exposure that I'm missing. I may have missed earlier parts of this thread so I hope I'm not going over old ground. Regards Bis > From: "morning_wood" <se_cur_ity@...mail.com> > To: <full-disclosure@...ts.netsys.com> > Subject: Re: [Full-Disclosure] Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part IV > Date: Fri, 2 Jan 2004 11:56:29 -0800 > > > On Thu, 1 Jan 2004 22:41:35 -0000 "http-equiv@...ite.com" wrote: > > [snip] > > > Fully self-contained harmless *.exe: > > > > > > http://www.malware.com/exe-cute-html.zip > > [snip] > > > > This doesn't look like self-executing HTML - anyway. > > > > Gives dialog box to open or save a "blabla.hta" and no, it > does not self-execute > even under > low security settings. try again Jelmer? > > > --------------------------------- Yahoo! Messenger - Communicate instantly..."Ping" your friends today! Download Messenger Now -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040105/6a73bf6e/attachment.html
Powered by blists - more mailing lists