Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:
> > > Or when "IEXPLORE.EXE has generated an illegal instruction
> > > and will be shut
> > > down. A log file is being written." followed by fifteen
> > > minutes of intense
> > > disk-thrashing in Win2K. ;-)
> >
> > Taking advantage of either of these requires access to the physical
> > machine and is therefore the same as the cache file exploit that I
> > mentioned. In all cases, my second point still holds.
>
> Physical access is not required:
>
> 1. I can crash the browser by sending you a suitable html email bomb
> 2. Backoffice etc is sufficient to then retrieve the core/log file
>
Did you mean Backorifice? Well, that still means they need to crack your computer. And if someone has cracked your computer, you're pretty well screwed no matter what you do.
Lex