Comment by Blackthorn
5 years ago
> How does this stop bad actors from exploiting bugs in e.g. V8 with malicious JavaScript?
You're correct: it doesn't. Blocking executable files aren't enough. Javascript files, zips containing executables, malicious Word files...all of these are vectors.
Look at the file types gmail blocks from being directly attached to emails for a comprehensive list.