W3C home > Mailing lists > Public > w3c-wai-ig@w3.org > October to December 1998

Re: Urgent - First HTML Virus discovered

From: Chris Kreussling <CHRIS.KREUSSLING@ny.frb.org>
Date: Fri, 13 Nov 1998 11:35:30 -0500
To: w3c-wai-ig@w3.org
Message-id: <s64c1a03.060@ny.frb.org>
The "Alert" is misleading and self-serving commercial spam, if it's not outright false. I believe it be a hoax, since there's nothing about it on Microsoft's Internet Explorer Web site (http://www.microsoft.com/windows/ie/).

1) There can be no such thing as an "HTML virus" since HTML itself delivers nothing that "runs" on either the server or client.

2) According to their own Web page (and yes, I disabled *everything* in my browser before I visited their page, and I munge all identifying information as my standard practice), the virus infects HTML files (with extensions *.htm and *.html). They have given the virus the name "HTML.internal" based on a comment in the HTML source which supposedly triggers the infection. These are the only things that are "HTML" about it.

3) From their web page: "To replicate itself the virus uses inline script routines written in Visual Basic. The virus will replicate only if the browser security settings allows script routines to access disk files." That should read "VBScript" and not "Visual Basic." Which means that it would affect only Microsoft's Internet Explorer; I'm not aware of any other browser which supports VBScript.

I've observed an increasing volume of spam to the W3C WAI mailing lists. Is there anything the W3C list maintainers can do to filter this junk?


<author>Chris Kreussling</author> 
<disclaimer>The views expressed are those of the author and do not necessarily reflect the position of the Federal Reserve Bank of New York or the Federal Reserve System.</disclaimer>
Received on Friday, 13 November 1998 11:39:04 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 13 October 2015 16:21:02 UTC