[2607] in WWW Security List Archive
Re: ActiveX security hole reported.
daemon@ATHENA.MIT.EDU (Gary Meltzer)
Wed Aug 14 11:54:07 1996
From: garym@softshore.com.au (Gary Meltzer)
To: Stephen Cobb <stephen@iu.net>
Cc: trei@process.com, www-security@ns2.rutgers.edu
Date: Wed, 14 Aug 1996 11:27:33 GMT
In-Reply-To: <1.5.4.32.19960813215752.00592ca0@iu.net>
Errors-To: owner-www-security@ns2.rutgers.edu
On Tue, 13 Aug 1996 17:57:52 -0400, stephen@iu.net wrote:
>>Some guy has written an ActiveX control which crashes windoze95... I don't
>>use windoze so can't try it, but if someone else is brave, I'd love to know
>>if it works...
>>
>
>Yes, it works, turns off the machine...quite impressive.
Which part do people find the most impressive? -
that the Win95 shutdown API works as documented
or that all these security experts are downloading and running
software designed to do something they don't want?
How does this control differ from an HTML page that tells
readers to turn the power switch off?
- G.
