Linux Today: Linux News On Internet Time.

More on LinuxToday

ComputerWorld: Microsoft scrambling to fix new Outlook security hole

Jul 19, 2000, 21:24 (6 Talkback[s])

"Microsoft Corp. is once again scrambling to fix a newly discovered vulnerability in its software that security experts warn is every bit as dangerous as an earlier one, for which a workaround was posted less than a week ago."

"According to a Microsoft advisory, a cracker could exploit the vulnerability to send e-mail that when downloaded from a server would either crash Outlook or cause malicious code to be run on the victim's computer. "Such code could take any action that the user was authorized to take on the machine, including reformatting the hard drive, communicating with an external Web site or changing data on the computer," the Microsoft advisory warned."

"Because the vulnerability occurs when the mail is being downloaded from the server, recipients don't need to open the mail -- or even preview it -- for the vulnerability to be exploited, said Jesper Johansson, an assistant professor at Boston University and editor of the SANS Windows Security Digest."

Complete Story

Related Stories: