In article <[log in to unmask]>, dated Thu, 4 May 2000 at
16:08:07, [log in to unmask] writes
>On 5/4/00 1:59:30 PM, [log in to unmask] writes:
>
><< An HTML file can pass on a 'virus' (technically, not a virus) if it
>contained malicious code (active X or other controls), and the user activates
>said code >>
>
>***In other words, am I correct in deducing from this message that web-based
>email like hotmail and yahoo carry the risk of transmitting viruses? If not,
>how does the issue of HTML code affect the person who uses the normal
>Internet Service Providers like Prodigy, AOL, MSM and so on?
If you use an email application that attempts to render an email
formatted in HTML as a browser would, in particular with regard to
processing any embedded scripts, you are exposed to any malicious
scripts no matter who your ISP is. In the 'HTML sent as email' scenario,
unfortunately far too common these days, merely opening the mail item is
equivalent to extracting (e.g. saving) and executing the 'traditional'
virus sent as a binary attachment. The solution is either configure your
email application *not* to process any of those scripts if that is an
option or switch to an email application with either no or limited HTML
processing capabilities.
Chris
--
Chris Salter (Vice Chairman, Web and Email Lists Administrator)
Lincolnshire Post-Polio Network (UK) Registered Charity No. 1064177
<URL:http://www.ott.zynet.co.uk/polio/lincolnshire/>
Web Site Email: mailto:[log in to unmask]
Lincolnshire Post-Polio Network Email: mailto:[log in to unmask]
PGP (Web Site Email address only) - Public Key-ID 0x77950BDA
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|