From owner-freebsd-chat  Wed Nov 10 13: 4:17 1999
Delivered-To: freebsd-chat@freebsd.org
Received: from Astrovan.cstone.net (mailstop.cstone.net [205.197.102.13])
	by hub.freebsd.org (Postfix) with ESMTP id 4869D14E16
	for <freebsd-chat@FreeBSD.ORG>; Wed, 10 Nov 1999 13:04:11 -0800 (PST)
	(envelope-from highway@cstone.net)
Received: from cstone.net (snowcrash.cstone.net [209.145.66.12])
          by Astrovan.cstone.net (Post.Office MTA v3.5.3 release 223
          ID# 0-59789U13500L1350S0V35) with ESMTP id net;
          Wed, 10 Nov 1999 16:01:55 -0500
Message-ID: <3829DDDE.9882F9E7@cstone.net>
Date: Wed, 10 Nov 1999 16:04:30 -0500
From: Sean Michael Whipkey <highway@cstone.net>
Organization: Cornerstone Networks, Inc.
X-Mailer: Mozilla 4.61 [en] (X11; I; FreeBSD 3.3-RELEASE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Greg Lehey <grog@lemis.com>
Cc: Jonathan Chen <jonc@logisticsoftware.co.nz>,
	freebsd-chat@FreeBSD.ORG
Subject: Re: "Good times" `virus' now a real possibility...
References: <19991111091605.A28643@jonc.logisticsoftware.co.nz> <19991110153657.22447@mojave.sitaranetworks.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Greg Lehey wrote:
> 
> On Thursday, 11 November 1999 at  9:16:05 +1300, Jonathan Chen wrote:
> > Check out:
> >
> >     http://www.cnn.com/TECH/computing/9911/09/seinfeld.virus.ap/index.html
> >
> > Looks like the "Good Times" virus is now a definite possiblity, thanks
> > to Microsoft.
> 
> Right, I heard that on the news this morning.  Does anybody know how
> it works?  Does anybody have one they can send me?

There was a discussion on this at the USENIX Security Symposium in
August in DC.

Basically, Outlook uses IE to view certain types of mail.  It's possible
to use Visual Basic and/or ActiveX to force Internet Explorer to execute
arbitrary commands on the receiving computer - simply by viewing the
HTML that the e-mail is written in.

There are ways to disable it, but they're rather obscure at times.  Joe
Average-User won't know to do it.

Makes me glad I'm out of tech support. :-)

SeanMike

--
Sean Michael Whipkey - highway@cstone.net - www.cstone.net
Engineering Department, Cornerstone Networks, Inc. - 804.817.7000
Report spam with full headers to: spam-report@cstone.net - TINLC
Happiness is mandatory.  Are you happy, citizen? - _Paranoia_


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message