Wednesday, March 26, 2008

Give me back my bugs!

I'm reminded by this story about microsoft access files being repackaged as virus attack vectors, of an incident that happened to me a few years ago-
I was working on a software application which saved files with an .adp suffix - something that is also used for Access project files. We were using outlook for email and I had a folder on the server with all the bug reports in - usually with example attachment files (obviously as our adp files).
One day, new version of Outlook tightened up security and - surprise - I wasn't able to download any of the files because the post upgrade outlook considered them risky!
Fortunately I was able to access the exchange server using a web interface and download the files (so much for security) but there were riskier ways of getting back access(!)
Be careful where you place your bug reports!

No comments: