[Mimedefang] Internet Virus hits IIS
WBrown at e1b.org
Tue Jun 29 15:23:07 EDT 2004
mimedefang-bounces at lists.roaringpenguin.com wrote on 06/28/2004 08:14:52 PM:
>
> I believe the issue is that IE ignores MIME type inconsistently when
> deciding what to do with web content. The hostile website hosts a file with
> a graphic filename extension (eg. .jpg or .gif) but the file is actually
> HTML with hostile JavaScript capable of downloading and running an
> executable. IE interprets the HTML, runs the JS and trojans the machine.
>
> I recall bitching at one webmaster last year because his traceroute script
> output HTML but without a text/html MIME type, and Mozilla displayed the
> source, not the desired output. The script had obviously been tested only
> with IE, which "helpfully" interpreted the HTML because it had HTML tags in
> it.
>
> To effectively block, you'd need to block all links with graphic extensions.

I recall a similar discussion here about Outlook doing the same thing with
attachments, i.e. ignoring the extension and opening based on the contents
of the file. In fact, even in Windows Explorer, this can be done by
renaming a .DOC file to .XYZ, and then double-clicking on it.

My goal is to nuke WinXP on this laptop, put Linux and Crossover Office on
it so I can run Lotus Notes to get rid of as much microsloth software as
possible.
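
The extension/content mismatch discussed in this thread, as an added example that is not part of the original messages: a Python check that compares a file's graphic extension with its leading bytes and flags HTML markers a content-sniffing client might act on. The function name, marker list and 1024-byte window are assumptions, and the sample inputs are constructed.

```python
import os
import re

# Leading magic bytes for the graphic types named in the thread (.jpg, .gif), plus PNG.
IMAGE_MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".png": (b"\x89PNG\r\n\x1a\n",),
}

# Tags that a content-sniffing client may take as a sign the data is HTML
# (assumed list for illustration, not any browser's actual sniffing rules).
HTML_MARKERS = re.compile(
    rb"<\s*(?:!doctype|html|head|body|script|iframe|object|embed)\b",
    re.IGNORECASE,
)

SNIFF_WINDOW = 1024  # number of leading bytes inspected (assumption)


def classify(filename, data):
    """Return 'not-image', 'html-in-image', 'mismatch' or 'ok'."""
    ext = os.path.splitext(filename)[1].lower()
    if ext not in IMAGE_MAGIC:
        return "not-image"
    head = data[:SNIFF_WINDOW]
    # Check for HTML first so a file with valid magic followed by markup is still flagged.
    if HTML_MARKERS.search(head):
        return "html-in-image"
    if head.startswith(IMAGE_MAGIC[ext]):
        return "ok"
    return "mismatch"


# Constructed sample inputs (not taken from any real site or message).
SAMPLES = [
    ("logo.gif", b"GIF89a\x01\x00\x01\x00\x80\x00\x00"),
    ("banner.JPG", b"  \r\n<HTML><script>/* placeholder */</script></HTML>"),
    ("photo.jpg", b"plain text, not an image"),
    ("hybrid.gif", b"GIF89a<script>/* placeholder */</script>"),
    ("notes.txt", b"<html></html>"),
]

if __name__ == "__main__":
    for name, body in SAMPLES:
        print(f"{name}: {classify(name, body)}")
```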