> Amazingly, it appears to be true that opened in a current web browser,
> a document like the following will proceed to execute the script it
> contains.

HTML email was always evil.

The webmail clients that Ibve used recently have all been removing
images and scripts before presenting the messages, I think.

Opening random web pages is risky. And if youbve disabled some of the
security features in your browser because you want, for example, to run
scripts off of file: URIs, youbre just making things even riskier for
yourself.

> Otherwise, at least as reported in the post cited above, an OpenOffice
> document, when previewed in certain execution contexts, can act much
> like a Word document with embedded malware.

Seems likely.

                                        Be seeing you,
                                          norm

--
Norman Tovey-Walsh <ndw@xxxxxxxxxx>
https://nwalsh.com/

> In every work of genius we recognize our own rejected thoughts; they
> come back to us with a certain alienated majesty.--Emerson

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]