Re: Email based attack on University
On Wed, Oct 02, 2019 at 09:27:37AM -0400, Carl Fink wrote:
> On Wed, Oct 02, 2019 at 08:41:11AM -0400, Henning Follmann wrote:
>
> > Here is one thing which actually make everybody safer: Do NOT (NEVER!) accept files
> > which might include executable code.
> > Office files (MS or OO )
>
> Open MS files with LibreOffice, which won't run the VBA, or with the
> Word/PowerPoint viewer apps from Microsoft, which work great under Wine and
> also can't run VBA. Have LO files ever actually been vectors?
>
> > only PDF/A is OK every other PDF, throw it out.
> > No multimedia (movies, mp3).
>
> Really? MP3? Paranoid much?
Well, maybe.
OTOH these massive exploits these days were considered very unlikely some
time ago. And a vectors in remains a vector in, and most likely becomes
a common attack vector. Your point because it is not widely used _now_,
it is safe, is just ridiculous.
-H
--
Henning Follmann | hfollmann@itcfollmann.com
Reply to: