Wall St. Journal: Love Bug Prompts Security Experts To Poke At Microsoft's Weak PointsMay 24, 2000, 20:56 (1 Talkback[s])
(Other stories by Lee Gomes)
[ Thanks to Douglas D. Darnold for this link. ]
"The world-wide attack of the "love bug" computer virus on May 4, and last week's less widespread replay, called attention to security problems in Outlook, Microsoft's e-mail program. The outbreaks highlighted the way Outlook can launch potentially dangerous software programs and spread them to the hundreds or thousands of other e-mail addresses in a computer's electronic address book -- with just a single click of a mouse. In the case of the love bug, all it took was the simple act of opening an e-mail attachment."
"Microsoft has taken steps to make Outlook more secure, but many security experts say the fact that the ubiquitous e-mail system was so vulnerable is evidence of fundamental flaws in many Microsoft products. For example, the powerful programming languages Microsoft includes with its Windows products lack "fences" that keep out destructive pieces of computer code and prevent them from hurting a machine. Such fences are a standard feature in other computer languages intended to be passed around on the Internet. Microsoft's consumer-oriented operating systems, such as Windows 98, also lack security provisions that experts say ought to be routine in a major piece of software."
"None of these shortcomings alone are showstopper "bugs" that could instantly bring down a computer. Instead, they are what experts describe as flawed approaches to software design that can lead to big problems down the road -- the way the flawed design of Outlook led to the global love-bug emergency."