Great Circle Associates Firewalls
(August 1995)
 


Subject: Re: Win95 Security Holes
From: padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)
Date: Mon, 28 Aug 95 13:30:46 -0400
To: "firewalls @ greatcircle . com"@UVS1.dnet.mmc.com

>> (ii) MSN users can download and execute e-mail attachments with a simple double-click on the 
>> attachment icon (Information Week, Page 24, 28-Aug-95). OUCH OUCH OUCH!

>This is not just an MSN problem.  Many newer mail handlers allow
>autolaunch of executable attachments.  Banyan BeyondMail also falls into
>this category, as do probably many others.  This has probably become a
>Must_Have_To_Compete/Feature_Of_The_Month.  Software vendors are
>responding to an actual or perceived user demand, and in the process are
>handing the user a loaded gun with a homing device for the owner's feet.

Actually, it is not even a new problem. I mentioned ANSI Bombs in my last
posting & this is really the same thing. The big difference here is
that the "bomb transmission mechanism" in this case is the default and
it is difficult to turn off.

For example I am very deep into the "Microsoft WORD Prank Macro" situation
(others call it a virus). Unlike ANSI.SYS which had to be loaded into
CONFIG.SYS, WordBasic macro execution is ON by default.

True, you can turn it off with a macro of your own (put "DisableAutoMacros"
into an "AutoExec" macro in Normal.Dot) but this is non-trivial for
most users. True, if "/mDisableAutoMacros" is on the WORD command line
when launched, it will have a similar effect but now you must know how to
edit .PIFs and preferences. Again non-trivial. (Have been looking but
see no way as yet to tell ccMail to use this command line). And then there
is the MAC...

So it is not just the "autolaunch" of the WordProcessor that is the problem;
it is the autolaunch with automatic macro processing capability turned on.
All that is really needed is a way to turn the macro part off and you have
a set of commands that do not get executed. ("What ? You want to *degrade* 
our product ?!?")

Even better, a mechanism that tells the user if there is a macro in the 
header. ("What ? You want to *notify* the user ?!?").

Maybe I am in the minority, but when I buy a product, I expect it to do
what I want it to do and not what causes the least calls to the HELP desk.

						Warmly,
							Padgett

ps Just out of curiosity, is there any beneficial reason for executables
   (as opposed to a template setup) in a document header ?
