Update: MS Battles Outlook Bug
Kevin Poulsen, SecurityFocus 2000-07-19

Upgrading Microsoft Explorer fixes a newly discovered hole in Outlook that threatens email-borne havoc.

Microslow 2000-07-19
Anonymous
How does it take 21 days to fix this?

You have an army of software engineers, billions of dollars of resources and it takes 21 days to fix?

Pathetic.

Guaranteed had the Australian not released it yesterday, Microsloth would have taken their sweet time to do something about it.

Pure incom...

Still using outlook? 2000-07-19
Anonymous (2 replies)
One might just want to take a look at that situation. Why, oh why, would _anyone_ continue to use a program that has repeatedly been demonstrated to be a menace?

...

Still using outlook? 2000-07-20
Anonymous (2 replies)
Like all applications, the most powerful and most used applications are hit. If another application would be the most used one, the same (or worse) problems, it would trigger people to act the same onto that application. It's not the creator of the application (in this case Microsoft) who is to bla...

Still using outlook? 2000-07-20
Anonymous (3 replies)
Do you know how many people are out there with a lot of time on their hands.

I'm sure there are people trying to find exploits in Netscape and other non-Microsoft software. The reason there aren't as many problems with these pieces of software is not because they are not targeted, but because t...

Still using outlook? 2000-07-21
Anonymous
The fault lies squarely on the developer's shoulders. If they would spend more time testing and less time listening to marketing/management demands we would still have problems though probably not as much. You have to admit that the other comment on microsoft being widely used and a good target as ...

Still using outlook? 2000-07-23
Anonymous (3 replies)
Did somebody say, "It's not because they're not hit, it's because they're better designed..?" Whatever... it's those that are the hardest hit that have to be better designed... and Outlook has been hit a trillion times because everyone uses Outlook. Simple. Outlook would not have survived if it had ...

Still using outlook? 2000-07-24
Anonymous
> I dare anyone to defend the stance that these other email clients could
> not be cracked inside and upside down, throughout and within by the
> ten best hackers in the world working for only five months straight.

Ah, but with Outlook, cracking the system only takes a few hours work by some...

Still using outlook? 2000-07-25
Anonymous
Problem is Outlook still suffers from the problem where if you get HTML messages, it's all too happy to download images off the internet for you to finish the message. One can only imagine how this could be used by spammers and others who seek to advertise via e-mail. "Oh, look. A hit on my webse...

Re: Still using outlook? 2005-09-08
Roach
So what do you use instead?...

Still using outlook? 2000-07-24
Anonymous
Irrespective what is being talked about, there is no doubt that Outlook is most widely used mail mechanism among the computer users. Hence, more cracks are being reported simply because the number of users are many times than other mail managing mechanisms. Also it's just funny that we all get the s...

Still using outlook? 2000-07-24
Anonymous
> Like all applications, ...

Spin, spin, spin. Such claims are nonsense. The fault is entirely Microsoft's, and the reasons are apathy, ignorance, and incompetence.

There are three possible reasons to use any flavor of Outlook:

1. required by "higher authority",
2. ignorance o...

Still using outlook? 2000-07-21
Anonymous
Outlook is required where I work, but I use an old as hell Eudora for myself. Personally, the only thing I want my e-mail client to do is, e-mail :)...

Shame to Microsoft 2000-07-19
Anonymous (1 replies)
Considering the seriousness of this vulnerability, the fact that www.microsoft.com doesn't have a huge notice (in fact, their title page has nothing about this) is just the kind of customer practise that gets Microsoft the bad karma of the month award.

-mk...

Shame to Microsoft 2000-07-21
Anonymous
www.microsoft.com is nothing more than an advertisement. The security bulletins are posted on Tech Net at:

www.microsoft.com/technet/security/default.asp

It is unfortunate that you have to do a little digging to see how bad their software is, but really what company is going to post their major...

Micro?? 2000-07-19
Anonymous
If they fixed the old products in a timely manner how would they get people to buy their new products. They like the never ending cycle....

Easy to use 2000-07-20
Anonymous
It's so easy to use, so well integrated, even for an attacker!...

Server Filtering 2000-07-20
Eric Andry <eric (at) wincom (dot) net [email concealed]> (1 replies)
I know a long debate has been going on about if Sys Admins should filter this at the server level, or leave it up to the customer to filter, but for a bug like this, with DSL and Cable services being used in the home, it opens up a huge door to install DDoS clients. Also with the number of not so co...

Server Filtering 2000-07-24
Anonymous
I use inflex (http://www.spyda.co.za) to preprocess all incoming mail before it even hits the corporate network. I stopped the ILOVEYOU virus 30 minutes after we found out about it. Ditto for the Amex confirmation thing. (we just stopped all *.vbs attachments).

Inflex runs all attachmen...

Is the cure worse than the problem? 2000-07-20
Anonymous (2 replies)
It's interesting, and a little scary. To cure this, "Microsoft says Outlook users can eliminate the vulnerability by upgrading to Internet Explorer 5.01 Service Pack 1, or, Explorer 5.5."

In other words, they are forcing you to install one of their products, even if you don't use it! I am a Netscap...

Is the cure worse than the problem? 2000-07-21
Anonymous (1 replies)
IE 5.5 will hopefully make Windows run better in general since the browser is so damn integrated. Just because it has to be downloaded doesn't mean it has to be used. It is better from a security standpoint to keep up-to-date with things.

As for tracking, we know they're doing it and all the laws...

Is the cure worse than the problem? 2000-07-21
Anonymous
:As for tracking, we know they're doing it and all the lawsuits in the world are not going to stop them...just look at DoubleClick. And as for assimilating into "MicroBorg," just think where we'd be without them, 150 different OS's to write software for, 1000 different web browsers t...

Is the cure worse than the problem? 2000-07-21
Eric Andry <eric (at) wincom (dot) net [email concealed]> (1 replies)
A cure that tells you to use another product. Let's see... M$ Outlook comes with the Office Suite(s), which is supposed to be purchased. Outlook Express is Free as long as you don't take it apart, look at it funny, talk behind its back.. Standard M$ agreement. So their fix is to change from a purcha...

Is the cure worse than the problem? 2000-07-24
Anonymous (1 replies)
It seems to me that the crux of the problem is that you don't wholly understand the issue. While it is great to say "as-a-purist" that Microsoft products in general suck, because the *nix world is SOoooo great, how many of these products have security flaws right out of the box? If you think that ...

Is the cure worse than the problem? 2000-08-01
Anonymous
Why would NT be used rather than *nix? Because good marketing always beats good technology.

Military infrastructure, where security and reliability are of the utmost importance, should not always be treated like other government projects and farmed out to the lowest bidder. Who the hell let tho...

I guess a good solution for MS is... 2000-07-20
Anonymous (2 replies)
to e-mail all registered users a message that uses this bug to force them to automatically download and install an update that fixes the bug. :)

...

I guess a good solution for MS is... 2000-07-21
Anonymous (1 replies)
LOL.....maybe this bug is a bug of microsoft just to see who is using their software!...

I guess a good solution for MS is... 2000-07-21
Anonymous
That's not funny. LOL...

I guess a good solution for MS is... 2000-07-24
Anonymous
> ... uses this bug ...

This is not a bug. It's a _feature_! :)

...

It's so easy to use! 2000-07-21
Anonymous
Well guys, this bug is so easy to use....I tested it on all machines in my company! Just one machine (my own) where the bug didn't work....because ie5.1 sp1...hehehe

But what about all other users? I think this bug should be posted everywhere and microsoft should get a real update for this...don't...

Copyright 2009, SecurityFocus