Full Disclosure mailing list archives

Re: .hta virus analysys

From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 20 Nov 2003 17:28:46 +1300

bryce <lord_ph () comcast net> wrote:

I'm new to this list, and sorta new to security on a computer. But can 
someone tell me what program runs a .hta file??


If you have to ask that then you really shouldn't even be thinking of 
"playing with it" should you?

I suggest that this is an example of a very good reason to _not_ allow 
messages with such attachments (though having the mail server 
distinguish them from other "possibly acceptable" atatchments such as C 
or PERL PoCs and the like would be non-trivial...).


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

.hta virus analysys Jim Duggan (Nov 19)
- Re: .hta virus analysys bryce (Nov 19)
  - Re: .hta virus analysys Nick FitzGerald (Nov 19)
    - Re: .hta virus analysys madsaxon (Nov 19)
  - Re: .hta virus analysys Valdis . Kletnieks (Nov 19)
    - Re: .hta virus analysys listas (Nov 21)
  - Re: .hta virus analysys Maxime Ducharme (Nov 20)
    - Re: .hta virus analysys Scott Taylor (Nov 20)
    - Re: .hta virus analysys Gary Flynn (Nov 20)
    - Re: .hta virus analysys Jelmer (Nov 20)
    - Re: .hta virus analysys Nick FitzGerald (Nov 20)
- Re: .hta virus analysys Jelmer (Nov 20)
  - Re: .hta virus analysys Gadi Evron (Nov 20)

(Thread continues...)