Sat 2004-03-27 21:25, Jasen Betts (3:640/1042) wrote to Rod Gasson:

 RG>> The Internet, Zip files, doc files with embed macro's, and so for
 RG>> are still nothing more than transport mechanisms - the virus code
 RG>> STILL needs to be executed before an infection can take place.

 JB> you open a zip file and nothing gets run, open a document and some
 JB> automatic macros can run,

You might recall that around 10 years ago, this wasn't so true.  It is
possible to insert harmful ANSI sequences into ZIP file comments.  PKUNZIP
would display the ZIP file comment when extracting (or even viewing) the
archive, which ANSI.SYS would intercept.  I think the most harmful thing
possible was to redefine the keys on the keyboard though.  There were
third-party ANSI.SYS device driver replacements that probably deliberately
disabled support some of the more harmful ANSI sequences (among other
things).  Of course this is not really relevant today as most Windows boxes
don't load ANSI.SYS during the boot sequence, and most people use GUI ZIP
tools (like WinZip), which don't interact with the console (and thus
ANSI.SYS) at all.

-- mail{at}ozzmosis.com

--- timEd/FreeBSD 1.11.b1