"Posick, Steve" <steve.posickat_private> wrote: > Solution > Disable File Downloads or disassociate .HTA files from MSHTA.exe. Disabling > scripting does not stop this, we believe it is dew to the fact that the HTA > is already on the local system at the time of execution, thus making it > trusted. The reason for this can be found in the MSDN. It specifically states that HTA's, once run from the local hard drive or executed from the Internet are considered completely trusted applications and not under an security restrictions that IE4>= is under. In fact, an HTA could download an arbitrary Java application and run it. HTA's can be very dangerous if users aren't taught to not run an HTA from the web or to let it be downloaded to a local hard drive. McKay ____________________________________________________________________ Get your own FREE, personal Netscape WebMail account today at http://webmail.netscape.com.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:57:29 PDT