Bugtraq mailing list archives

Re: Active X exploit.

From: paulle () MICROSOFT COM (Paul Leach)
Date: Wed, 27 Aug 1997 12:16:06 -0700

----------
From:         alan () lxorguk ukuu org uk[SMTP:alan () lxorguk ukuu org uk]
Sent:         Wednesday, August 27, 1997 1:25 PM
To:   Paul Leach
Cc:   BUGTRAQ () NETSPACE ORG
Subject:      Re: Active X exploit.

That's more secure than what I buy at the store.


When sir, was the last time you walked into a store and every time you
looked at a package it automatically installed itself and ran ?

The actual answer: the last time I bought a CD-ROM based package. Take a
look at "autorun.inf" on a CD-ROM.

ActiveX controls from a software vendor only automatically run if you
have previously stated that you are willing to automatically run any
signed code from that software vendor.

Paul

Current thread:

Re: Active X exploit. Andreas Bogk (Aug 26)
- <Possible follow-ups>
- Re: Active X exploit. Paul Leach (Aug 26)
  - Re: Active X exploit. Casper Dik (Aug 27)
  - Re: Active X exploit. David Holland (Aug 27)
  - Re: Active X exploit. Alan Cox (Aug 27)
- Re: Active X exploit. Lutz Donnerhacke (Aug 27)
- Re: Active X exploit. Paul Leach (Aug 27)
- Re: Active X exploit. Erik Tornstam (Aug 28)
- Re: Active X exploit. Frank Kargl (Aug 28)