Let me review the original advisory: >Impact: >Merely viewing a web page or opening a mail message will trigger the flaw. Ah, I can think of one way - deny the use of Internet Explorer to everyone. Thats nice and practical, and I'm sure it will endear us technical people to the rest of the business. Forewarned is only forearmed if you have sufficient information to understand the problem. Forewarned is not forearmed when the information is so vague and the possibilities are so numerous that it's impractical to defend against them blindly. Others have already commented on how we can expect more of this "responsible" disclosure. Ian Kayne Technical Specialist - IT Solutions Softlab Ltd - A BMW Company > -----Original Message----- > From: Ben Smee [mailto:Ben.Smeeat_private] > Sent: 23 November 2001 02:02 > To: Mariusz Mazur; vuln-devat_private > Subject: RE: [ALERT] Remote File Execution By Web or Mail: Internet > Explorer > > > is it just me or can you not conceive of anyway to protect > yourself now > that you do know about the problem? > > forewarned is forearmed. > > -------------------- > Benjamin Smee > Technical Specialist > Optus Business Operations (NAC) > "YES" OPTUS > ben.smeeat_private > Tel: +61-2-93420091 > Fax: +61-2-93420998 ******************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use of the information contained within this email or attachments is strictly prohibited. Internet communications are not secure and Softlab does not accept any legal responsibility for the content of this message. Any opinions expressed in the email are those of the individual and not necessarily those of the Company. If you have received this email in error, or if you are concerned with the content of this email please notify the IT helpdesk by telephone on +44 (0)121 788 5480. ********************************************************************
This archive was generated by hypermail 2b30 : Fri Nov 23 2001 - 18:04:15 PST