Re: HTML or Plain Text

From: \ (x_at_y\)
Date: 01/10/05

• Next message: mae: "Re: eicar_test string"
• Previous message: Michael Santovec: "Re: Netzero account receiving poor quality image attachments"
• In reply to: CW: "Re: HTML or Plain Text"
• Messages sorted by: [ date ] [ thread ]

Date: Mon, 10 Jan 2005 13:27:26 -0600

Hello CW,

Today, I run across fresh News about "HTML".

January 10, 2005
Microsoft IE 6 users beware -
RELATED ENTRIES
Security company Secunia has issued a warning to Internet Explorer 6 users about three critical vulnerabilities that
could allow hackers to execute spyware and dialers - the vulnerabilities affect computers running Windows XP, even if
Microsoft's Service Pack 2 patch has been used. Vulnerabilities in Secunia Advisory include - Insufficient validation of
drag and drop task from the "Internet" zone to local resources. When this is not checked properly by IE a malicious
website can plant arbitrary HTML documents on a user's system. Vulnerability two relates to IE's HTML help control; a
specially crafted help (.hhk) file can execute malicious code ; this vulnerability can by-pass the "Local Computer" zone
and lock down security features in SP2. Vulnerability three relates to a bug in the way IE handles the "Related Topics"
command in an embedded HTML Help control, this can be exploited to allow the execution of malicious code. Secunia
recommends users disable IE's Active X support in order to prevent the problem until Microsoft creates a suitable patch
to match the problem. According to Secunia Staff Microsoft was informed of this problem two months ago - In response to
that Microsoft who is hard at work on a patch - said the reason for the delay is to make sure the patches are robust
enough to completely stop the problem. Microsoft suggest that people check safe browsing guidelines here to help them
deal with the problems.

- MORE
- Secunia Test

"CW" <CW@discussions.microsoft.com> wrote in message

..
> Many thanks to all of you for the informative replies. When I was posting the
> query I felt it was a bit dumb but I'm glad I did, as clearly there are
> various issues of which one needs to be aware.
> Thanks again
> CW
>
> "Frank Saunders, MS-MVP IE/OE" wrote:
>
>> "CW" <CW@discussions.microsoft.com> wrote in message
>> news:380F0FE2-AE8B-40CE-B509-533E3C52D2B0@microsoft.com
>> > Using OE6, XP SP1...what are the pros and cons, benefits or
>> > otherwise, of using HTML for outgoing email msges compared with Plain
>> > Text? What does one do, that the other does not, etc? Why should I
>> > set it it to one and not the other?
>> > Thanks
>>
>> You can do a lot to make a message prettier with HTML but in the process you
>> also make it a lot larger, which means it takes longer to send and longer to
>> receive. Plus, some mail clients can't read HTML and will only see the
>> plain text part.
>>
>> --
>> Frank Saunders, MS-MVP, IE/OE
>> Please respond in Newsgroup only. Do not send email
>> http://www.fjsmjs.com
>> Protect your PC
>> http://www.microsoft.com./athome/security/protect/default.aspx
>>
>>
>>

• Next message: mae: "Re: eicar_test string"
• Previous message: Michael Santovec: "Re: Netzero account receiving poor quality image attachments"
• In reply to: CW: "Re: HTML or Plain Text"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint