Reply From: Rob Rosenberger <usat_private> NTBUGTRAQ moderator Russ Cooper received international media attention when he wrote about a "new" email exploit. In theory, someone can run malicious code on your computer by crafting an extremely long filename for an email attachment. The attachment doesn't need to execute -- the filename itself executes when Outlook tries to parse the filename. This exploit may sound bizarre to the average reporter... but I yawned when I heard about it. You see, this latest security flaw is just a derivative of the 'letter bomb' exploit (1996) and the 'res://' exploit (1997). Most news outlets ignored the older flaws -- because they came out too soon after the Hare virus media fiasco. Read http://www.kumite.com/myths/opinion/thoughts for more... Rob Rosenberger, webmaster Computer Virus Myths home page http://www.kumite.com/myths -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:00:10 PDT