[3100] in WWW Security List Archive
Re: New and destructive word macro virus
daemon@ATHENA.MIT.EDU (hallam@ai.mit.edu)
Fri Sep 27 03:11:06 1996
From: hallam@ai.mit.edu
To: quire@casti.com
Cc: hallam@ai.mit.edu, www-security@ns2.rutgers.edu
In-Reply-To: Your message of "Thu, 26 Sep 96 13:30:44 EDT."
<Pine.NXT.3.91.960926132752.8986A-100000@vector.casti.com>
Date: Fri, 27 Sep 96 01:34:45 -0400
Errors-To: owner-www-security@ns2.rutgers.edu
>If it was not your intent, then why didn't you just send to the poster
>and to the list moderator and let it go at that? I don't think macro
>virus postings are inappropriate here, since Word docs are frequently
>obtainable through websites.
Macro viruses and viruses in general are entirely inappropriate for this
list which was set up to discuss web security protocols.
Viruses in general are an entirely unnecessary form of security hole
which is the result of inadequate system design. If people want to
connect incompetently designed systems up to the Web they will get
fried. The Web was not designed with either the Mac or Windows 3.1
in mind and the idea of downloading executable content onto either
was furthest from our mind.
Word is not a suitable document format for the Web for numerous
reasons. Not least the vulnerability of the platforms which run it
and the nature of the format which is tied to a single vendor and
has limited platform support.
The only Web security issue that arises is mechanisms to filter out
such formats at firewalls. I would recommend such steps for all
executable content, with the possible exception of postscript. There
are plenty of safe postscript viewers and postscript is more commonly
printed than viewed with an unsafe viewer.
Phill
