New Zealand Herald: E-mail virus info 'stolen'May 30, 2000, 14:58 (5 Talkback[s])
(Other stories by Gregg Wycherley)
[ Thanks to davec for this link. ]
"An Auckland software developer who found a security flaw in Microsoft's e-mail software that he believes could secretly unleash a "hell virus" says files on his discovery have been stolen from his computer. Phil Saleh, creative director of Arabesque Multimedia - who has a back-up of his find - discovered the flaw in Microsoft's Outlook Express program while designing Java script software that automatically activates computer functions."
"We discovered we could write a program that will activate any type of executable file on a computer through e-mail," says Mr Saleh. "Which means if we have your e-mail address we can control your computer - or attach a virus which could automatically send itself to every name in your address book without you even being aware of it."
"Using what I have found out, I could make a virus much worse than the 'I love you' bug because you wouldn't have the option of deleting the e-mail carrying the virus before it infected your computer - it would activate automatically whether you read the message or not." Mr Saleh alerted Microsoft's Security Response Centre in Redmond, Washington, but it said it could not find any "security vulnerability.""