Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Notepad popups in Internet Explorer and Outlook

From: "Richard M. Smith" <rms () computerbytesman com>
Date: Mon, 4 Aug 2003 14:57:31 -0400
Hi,

Do Notepad popups represent a security risk or are they simply another
way for spammers and marketers to annoy us?  Because of a design flaw in
Internet Explorer, Notepad popup windows can be displayed from an HTML
email message or Web page regardless of browser security settings.  In
addition, Notepad popups can access files on a hard disk, possibilly
causing stability problems in a Windows saystem. 

For more details, see: 

  http://www.computerbytesman.com/security/notepadpopups.htm

Question:  What kind of operating system allows an email message to
automatically start up a text editor to change a system file?

Richard M. Smith
http://www.ComputerBytesMan.com





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: