R
Rick Brandt
I've done some Googling on this, but can't find anything definitive looking
that isn't ancient.
The issue is whether the simple act of viewing an HTML page that contains
script or viewing an HTML Email message that contains script is (in and of
itself) enough to infect your machine with a virus.
I know that there were a few rather exotic methods used in the past to
exploit vulnerabilities of IE and/or Outlook/Outlook Express that required
only viewing to be infected, but even those weren't specifically delivered
by script were they? My understanding is that they used specially encoded
graphic objects or similar.
I know that script can do things that are irritating (spawn windows and
such) but I fail to see how they can actually do anything harmful to the
local system. Note that I am not talking about a script attachment that a
user might double-click. Only the script that would run just from viewing
the HTML content.
If it is true that this is possible, would one have to be running fairly
antiquated client software to be in danger?
TIA
that isn't ancient.
The issue is whether the simple act of viewing an HTML page that contains
script or viewing an HTML Email message that contains script is (in and of
itself) enough to infect your machine with a virus.
I know that there were a few rather exotic methods used in the past to
exploit vulnerabilities of IE and/or Outlook/Outlook Express that required
only viewing to be infected, but even those weren't specifically delivered
by script were they? My understanding is that they used specially encoded
graphic objects or similar.
I know that script can do things that are irritating (spawn windows and
such) but I fail to see how they can actually do anything harmful to the
local system. Note that I am not talking about a script attachment that a
user might double-click. Only the script that would run just from viewing
the HTML content.
If it is true that this is possible, would one have to be running fairly
antiquated client software to be in danger?
TIA