Bugtraq mailing list archives
Re: First vulnerabilities in the SP2 - XP ?...
From: Matthew Roberts <webmaster () matthew1471 co uk>
Date: 18 Aug 2004 18:31:52 -0000
In-Reply-To: <200408180941.16239.radoslav.dejanovic () opsus hr>
This basically tells the user to open CMD and then execute the attachment in command line. Now, someone has to be really, really dumb to do that.
People might forget that dragging and dropping to a command prompt actually executes the file. I have 2 words, Batch files.. I did not get prompted when I double clicked a batch file containing one line "Malicious program.exe" Sp2 did not also detect that Viri.zip downloaded from the internet and contains an EXE inside it... I am not trying to create bad press for SP2, I personally think very highly of it... But I do think people will enter the trap "Wel it's gonna alert me if it's not safe ain't it?" I think that's the biggest issue here
Current thread:
- First vulnerabilities in the SP2 - XP ?... Jérôme (Aug 16)
- Re: First vulnerabilities in the SP2 - XP ?... Colin Alston (Aug 17)
- Re: First vulnerabilities in the SP2 - XP ?... Oliver Schneider (Aug 17)
- RE: First vulnerabilities in the SP2 - XP ?... Larry Seltzer (Aug 19)
- Re: First vulnerabilities in the SP2 - XP ?... Radoslav Dejanović (Aug 18)
- Re: First vulnerabilities in the SP2 - XP ?... Robert Decker (Aug 19)
- <Possible follow-ups>
- RE: First vulnerabilities in the SP2 - XP ?... Thor Larholm (Aug 19)
- Re: First vulnerabilities in the SP2 - XP ?... Matthew Roberts (Aug 20)
- RE: First vulnerabilities in the SP2 - XP ?... Larry Seltzer (Aug 23)