[plug] Bugbear/B
Craig Ringer
craig at postnewspapers.com.au
Tue Jun 10 14:45:30 WST 2003
> http://support.microsoft.com/default.aspx?scid=kb;en-us;Q290497&id=kb;en-us;Q290497
>
> That gives you a nice list of Windows executable type files to block :)
Whoops, they missed some important ones.
.doc
.xls
.ppt
.dot
:-P
Seriously, WTF does Office (at least 2000) etc have Macro support
enabled by default? Shouldn't that be something to be turned on at
install time, in the prefs, or by domain security policy?
Note that I also wish OO.o would have macro support disabled by default,
its not just MS that does it. At least enable "show warning before running".
> I just use Command AV for Linux with amavis and Postfix to scan all
> email for viruses, and block attachment types once its done that. I
> should really do it the other way around to reduce processing, but
> knowing how many viruses are indeed getting bounced is interesting to
> know (especially when talking to management about how effective
> something they've just spent money on is).
I'm actually wondering if that free AV tool can detect macro viri?
They're neither overly common nor overly destructive, but they're a
/blood pain/ to clean up. We're looking to move all our mail services
onto the Debian gateway box, and it'd be ideal to avoid having to fork
out for a virus scanner just for the tiny number of macro viri out
there. Hmm... not even sure I've /ever/ had one come in.
Nonetheless, its a concern.
Craig
More information about the plug
mailing list