The risk of an attack related to a flaw in Microsoft Outlook Express climbed this week, after underground hacking sites began circulating sample code for exploiting it.
The exploit, which the French Security Incident Response Team drew attention to on Monday, is designed to take complete control of PCs with certain versions of the Outlook Express e-mail program installed on them, when users visit newsgroups controlled by the hackers.
But security experts said the risk of a widespread attack is low, because people must visit the malicious newsgroups for an attack to work. In addition, the exploit code that's in circulation has some glitches, said Michael Sutton, a lab director at security company iDefense.
"It requires a reasonable amount of user intervention, which lowers the overall risk," Sutton said.
Nonetheless, iDefense urges people with vulnerable machines to install the patch Microsoft released last week to fix the flaw. The problem stems from a component of Outlook's newsreader program called Network News Transfer Protocol. The result of an attack could be serious.
"An attacker could install programs; view, change or delete data; or create new accounts with full user rights," Microsoft warned in a security bulletin for the patch last week. The company rated the vulnerability "important," which falls second to "critical" in its rating scale.
A Microsoft representative said the company is aware of the exploit code but is unaware of active attacks that have utilized it. Microsoft is monitoring the situation and is urging customers to apply its patch, the representative said. The company also directed people to report any attacks to Microsoft and the FBI.
The vulnerability has been found in several versions of Outlook Express, including releases 5.5 and 6.0 for Windows 2000, XP and Server 2003 machines, according to Microsoft. People don't have to launch the Outlook Express program, however, in order to fall victim to an attack.
How long are people going to put up with a swiss cheese of an OS that has bupkis in terms of keeping user privileges out of the hands of malicious kids.
All you Windowzers are being duped by Big Redmond. Enjoy the ride!
Sorry, but I'm just going to keep Windows. I don't want to completely uninstall Windows from my PC to satisfy Linux, and I'm not paying over $5,000 for a Mac (Once you get the Mac you have to get the accessories too ;-) ). Windows is #1 because it's the most user friendly. Period.
Gregory, how naive does one have to be to say that Windows is #1 because it is the most user friendly? Is WalMart the #1 retailer because they offer the best shopping experience? No, they offer the cheapest. And you always get what you pay for.
I for one am not going to skimp when it comes to my computing. If I had to because of financial reasons, that's okay. But I would not delude myself that it is any good just because it's economical. Businesses think the same way. Windows is good enough to get the job done. That's it.
If you want "good enough", you're Bill Gates' kinda guy. If you want the best user experience, get you head out of your arse and look to a UNIX based solution. The best being the Mac with Linux not far behind.
Apple says it's got a third-party group looking for issues at manufacturing partners it uses. Read CNET's FAQ to find out how we got here and what the next steps are.
NY professor believes that a word-based algorithm can help bring together those who believe, with one glimpse, that they have found and lost the love of their lives.
After a higher-than-expected fourth quarter, the video subscription service unburdens itself of a pending yearlong class action suit and settles for $9 million.
Along with green-lighting Google's buy of Motorola, the Justice Department today OKs an Apple-Microsoft-RIM partnership deal to buy Nortel patents, and Apple's plan to acquire Novell patents.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
This week, we pass around Sony's new PlayStation Vita for some hands-on testing, check out HP's newest Beats Audio laptop, and debate the best and worst Valentine's Day gadget gifts.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
that has bupkis in terms of keeping user privileges out of the
hands of malicious kids.
All you Windowzers are being duped by Big Redmond. Enjoy the
ride!
#1 because it is the most user friendly? Is WalMart the #1
retailer because they offer the best shopping experience? No,
they offer the cheapest. And you always get what you pay for.
I for one am not going to skimp when it comes to my
computing. If I had to because of financial reasons, that's okay.
But I would not delude myself that it is any good just because
it's economical. Businesses think the same way. Windows is
good enough to get the job done. That's it.
If you want "good enough", you're Bill Gates' kinda guy. If you
want the best user experience, get you head out of your arse
and look to a UNIX based solution. The best being the Mac with
Linux not far behind.