Re: Outlook/HTML "proggie"

[mrousseau () LABCAL COM (Maxime Rousseau)]

!  -----Original Message-----
!  From: VULN-DEV (kiss the sun and walk on air)
!  Sent: Wednesday, May 31, 2000 7:35 AM
!
!  My guess was the "Scripting" object, or SCRRUN.DLL. Thats
!  the DLL that
!  contains the FileSystemObject classes and its subordinates that the
!  recent rash of VBS scripts have been using to access the disk.
!  -pete

I would be very very VERY surprised if a script within the HTML of an
eMail would be able to access the FileSystemObject. Saying this means
every eMail/website is able to read/write/delete all of your files at
will. I think you are confusing the ILY kind of viruses where the users
actually double-click a .vbs file, giving it their permission to run in
the Computer context and not in an internet context.

I also really doublt its a screen saver :) Unless they made an
ActiveX/COM interface on screensavers while i was looking the other way?

The best guess would be to assume he used one of the old objects
overflows and that his post was nothing but an empty brag without
substance or new technical material of interest. As Thierry pointed out,
this might be the BadBlood thing or the BubbleBoy virus too.

If this is something new I'm still very interested in knowing what is
that SCR object he used.

M.