Mobile Code in E-Mail Clients
The majority of modern e-mail clients, including Outlook, Outlook Express, Netscape/Mozilla Mail, Lotus Notes, and Eudora contain some form of Web browser functionality to display HTML-formatted e-mail messages. Such features often include support for executing mobile code embedded in an e-mail message. As a result, many of the Web browser attack techniques that we've discussed throughout this chapter also apply to e-mail clients. Very few people actually have the need to execute browser scripts, ActiveX controls, Java applets, or any other mobile code inside of e-mail messages. Therefore, the core advice that I have to offer you in this section is straightforward: Turn off support for mobile code in your e-mail ...
Get Malware: Fighting Malicious Code now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
