Firewalls: RE: MS Explorer 3.0 'Serious security flaw'?

Firewalls
(August 1996)

Indexed By Thread: [Previous] [Next]

Subject:	RE: MS Explorer 3.0 'Serious security flaw'?
From:	Keith McCammon <keithm @ asymetrix . com>
Date:	Sat, 24 Aug 96 00:45:00 PDT
To:	"'Firewalls'" <Firewalls @ GreatCircle . COM>



 ----------
What makes this an Explorer-specific problem?

If I'm not mistaken, _any_ browser will open a .doc or .xls document if   
the
helper application is defined.  Word and Excel macro viruses are not   
news.
I thought it would've been an Active-X or e-mail scamming hole.

I don't think a firewall can be configured to filter Word/Excel macro   
viruses.


Bill Stout
______________________________________________________________


The ability to download and execute a macro virus is not the bug, the bug   
is that it downloads the macro, starts word or excel, and executes the   
macro, all without any user prompt, warning,  or intervention. You simply   
'hit' the web page and all this happens in the background.

McAfee's Webscan should be able to detect and prevent this virus because   
it scans the data coming through the firewall in realtime.

Indexed By Date	Previous:	command-line equiv of ftp:// From: Dave Wreski <tel1dvw @ is . ups . com>
Indexed By Date	Next:	re: Unix-based virus scanner From: harley @ icrf . icnet . uk
Indexed By Thread	Previous:	Re: MS Explorer 3.0 'Serious security flaw'? From: "G.S.CHINNIAH" <gscpraba @ emirates . net . ae>
Indexed By Thread	Next:	RE: MS Explorer 3.0 'Serious security flaw'? From: "Jarmon, Don R" <drjarmon @ ingr . com>