That is exactly the same way that all Windows viruses work. As a Windows
user (as well as other OSes), I can say that people have to be responsible
for their actions. Whenever you receive any Email attachment, the only way
that attachment can produce any damage is if you run it.
At least in my copy of MS Word, anytime I open a Word document and it
has any macros, Word readily asks me if I want to allow the macro to execute.
Not only that, this version of Word (2000) is configured to only ask me when
a signed (with a certificate of a trusted party) macro is included.
From: Steven M. Bellovin [mailto:smb(_at_)research(_dot_)att(_dot_)com]
Sent: Thursday, May 11, 2000 7:40 AM
Cc: Brant Knudson; ietf(_at_)ietf(_dot_)org
Subject: Re: VIRUS WARNING
In message <13901(_dot_)958019788(_at_)nma(_dot_)com>, Einar Stefferud writes:

> The first of these "worm/virus/addressbookmailers" was the IBM PROFS
> "Christmas Card" caper that occurred some time in the early 1990's,
> long before MS willfully adopted the design.

It was in December, 1987.

> Seems to me that this beloved "feature" (giving root privs to random
> EMail messages) should (by now) now be fully discredited, and should
> be destined for extinction, if only the customers will accept its
> disappearance in trade for an absence of a continuing flood of these
> $6,000,000,000 economic loss episodes.

See http://catless.ncl.ac.uk/Risks/5.80.html#subj1 for details on how
it worked -- but it didn't involve any analog to 'root' privileges.
When the recipient got a copy, there was an included (or attached; I
don't quite remember) REXX file. (REXX was a scripting language for VM/
CMS.) The message told you that it would display a Christmas card if
you ran it; most users did just that, since the note appeared to come
from someone they knew. And then the file replicated itself; you all
know the rest.
Note the two crucial points -- it ran with the user's permissions, and
it was explicitly run by the user, rather than by any automatic