---

ComputerWorld: Microsoft scrambling to fix new Outlook security hole

“Microsoft Corp. is once again scrambling to fix a newly
discovered vulnerability in its software that security experts warn
is every bit as dangerous as an earlier one, for which a workaround
was posted less than a week ago.”

“According to a Microsoft advisory, a cracker could exploit the
vulnerability to send e-mail that when downloaded from a server
would either crash Outlook or cause malicious code to be run on the
victim’s computer. “Such code could take any action that the user
was authorized to take on the machine, including reformatting the
hard drive, communicating with an external Web site or changing
data on the computer,” the Microsoft advisory warned.”

“Because the vulnerability occurs when the mail is being
downloaded from the server, recipients don’t need to open the mail
— or even preview it — for the vulnerability to be
exploited
, said Jesper Johansson, an assistant professor at
Boston University and editor of the SANS Windows Security
Digest.”


Complete Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis