Posts tagged untitled
Page Content
Word documents being used in new attacks
I have repeatedly pointed out (e.g., this post) to people that sending Word files as attachments is a bad idea. This has been used many, many times to circulate viruses, worms, and more. People continue to push back because (basically) it is convenient for them. How often have we heard that convenience trumps good security (and good sense)?
Now comes this story of yet another attack being spread with Word documents.
There are multiple reasons why I don’t accept Word documents in email. This is simply one of the better reasons.
If you want to establish a sound security posture at your organization, one of the things you should mandate is no circulation of executable formats—either out or in. “.doc” files are in this category. I am unsure if the new “.docx” format is fully immune to these kinds of things but it seems “.rtf” is.
Current News
CERIAS Weblogs
Upcoming Events
Footer
RSS Feeds
Combined RSS Feed
News RSS Feed Events RSS Feed Weblogs RSS Feed Security Seminar Podcast
Twitter: @cerias, @ceriasarchive, #cerias
LinkedIn: CERIAS Alumni, Staff and Friends
Facebook: Friends of CERIAS
Mailing Address: CERIAS, Purdue University / 101 Foundry Drive / Convergence Center / Suite 3800 / West Lafayette IN 47906-3446
phone (765) 494-7841 / fax (765) 496-3181 / Travel Info
Copyright © 2024, Purdue University, all rights reserved. Purdue University is an equal access/equal opportunity university.
If you have trouble accessing this page because of a disability, please contact the CERIAS webmaster at webmaster@cerias.purdue.edu. Some content on this site may require the use of a special plug-in or application. Please visit our plug-ins page for links to download these applications.
Privacy Policy