Linux Today: Linux News On Internet Time.

More on LinuxToday

New Zealand Herald: E-mail virus info 'stolen'

May 30, 2000, 14:58 (5 Talkback[s])
(Other stories by Gregg Wycherley)

[ Thanks to davec for this link. ]

"An Auckland software developer who found a security flaw in Microsoft's e-mail software that he believes could secretly unleash a "hell virus" says files on his discovery have been stolen from his computer. Phil Saleh, creative director of Arabesque Multimedia - who has a back-up of his find - discovered the flaw in Microsoft's Outlook Express program while designing Java script software that automatically activates computer functions."

"We discovered we could write a program that will activate any type of executable file on a computer through e-mail," says Mr Saleh. "Which means if we have your e-mail address we can control your computer - or attach a virus which could automatically send itself to every name in your address book without you even being aware of it."

"Using what I have found out, I could make a virus much worse than the 'I love you' bug because you wouldn't have the option of deleting the e-mail carrying the virus before it infected your computer - it would activate automatically whether you read the message or not." Mr Saleh alerted Microsoft's Security Response Centre in Redmond, Washington, but it said it could not find any "security vulnerability.""

Complete Story

Related Stories: