Microsoft's Internet Explorer version 4 or 5 allows almost any web site you visit to read all the files on your hard disk and of course, Outlook Express and Outlook uses IE's code base to display complex e-mail messages, so even an e-mail you receive could read all about you. No attachment would be required. Now, how to fix this problem:
In Internet Explorer (IE), pull down the Tools menu and click on Internet Options.
Click the Security Tab.
Select the Internet icon (should be the default that is already selected), and then click the Custom Level.
Scroll down the list to Java Permissions, and then click on Custom.
Then click the Java Permissions Settings identified as Java Custom Settings button.
Click the Edit Permissions tab.
Change the radio button under the Run Unsigned Content to Disable.
Change the Signed Content to Prompt (Windows 2000 may already be defaulted to this value).
Then click the Reset button.
Finally click OK or YES buttons to exit out of IE and save your changes. Then call back IE and your system now will be protected from unsigned Java applets that could view the files on your hard drives. If you enter a website that uses assigned Java applets, then you will be prompted to ask if you trust the source or not. You may be presented with the prompt stating: "Do you want to allow software such as ActiveX controls and plug-ins to run?" If you are in doubt, then answer "NO" to this question.
Extracted from InfoWorld Nov 2000, page 62.