[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Email based attack on University

On Wed, Oct 02, 2019 at 09:27:37AM -0400, Carl Fink wrote:
> On Wed, Oct 02, 2019 at 08:41:11AM -0400, Henning Follmann wrote:
> 
> > Here is one thing which actually make everybody safer: Do NOT (NEVER!) accept files
> > which might include executable code.
> > Office files (MS or OO )
> 
> Open MS files with LibreOffice, which won't run the VBA, or with the
> Word/PowerPoint viewer apps from Microsoft, which work great under Wine and
> also can't run VBA. Have LO files ever actually been vectors?
> 
> > only PDF/A is OK every other PDF, throw it out.
> > No multimedia (movies, mp3).
> 
> Really? MP3? Paranoid much?

Well, maybe.
OTOH these massive exploits these days were considered very unlikely some
time ago. And a vectors in remains a vector in, and most likely becomes
a common attack vector. Your point because it is not widely used _now_,
it is safe, is just ridiculous.

-H

-- 
Henning Follmann           | hfollmann@itcfollmann.com
Reply to: