[3740] in WWW Security List Archive
Re: Re : Any internet virus
daemon@ATHENA.MIT.EDU (Gene Hardesty)
Sat Dec 7 03:12:26 1996
Date: Fri, 06 Dec 1996 15:39:22 +0900
From: Gene Hardesty <geneh@surf-line.or.jp>
Reply-To: geneh@surf-line.or.jp
To: Jack Gostl <gostl@argoscomp.com>
CC: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
You're right, Jack, but the fact is that the computer CAN'T execute
ascii files DIRECTLY. Meaning that the computer CAN'T directly execute
a WORD macro. WORD emulates it, but I'm getting ahead of myself
here.....
G.
Jack Gostl wrote:
>
> On Thu, 5 Dec 1996, Ong Joon Kian wrote:
>
> > I don't know about you, but it seems to me that a virus that spreads
> > through ASCII is certainly nothing to worry about. Computer aren't
> > designed to execute ASCII files. It needs to be converted to binary
> > first. Or am I wrong?
>
> Wrong, sort of. The problem is that Windows 95 is too darned smart. You
> could construct a message with a Word document attached. Under some
> circumstances, W95 recognizes the document as a Word document, and
> launches Word and starts the document. This document can contain a macro
> that executes on startup. And POOF!
>
> I think there used to be some stuff on the Unix mailer, ELM that could be
> tricked into doing even worse stuff by reading an ASCII file.
>
> Finally, there is the old "ANSI" bomb trick, only relevant in DOS, where
> someone embeds an ANSI sequence in a message which reprograms one of your
> keys to contain something like "DEL C:\BIN\*.EXE".
>
> So --- never say never --- and all of which is quite interesting, but
> doesn't have much to do with web security.
>
> Jack Gostl gostl@argoscomp.com
