[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security Report excerpt - TAKE THIS SERIOUSLY



PureBytes Links

Trading Reference Links

> it is a serious vulnerability, essentially enabling a virus,
> worm, or trojan to auto-run on your machine simply by opening an email.

It's worse than that. The code can be embedded in a malicious web page.
I don't (and never will) use OE for email but I use IE for my browser
because too many web pages won't display right without it. I did the
patch immediately when I read this.

<<<<<<<
If a malicious user sends an affected HTML e-mail or hosts an affected
e-mail on a Web site, and a user opens the e-mail or visits the Web
site, Internet Explorer automatically runs the excecutable on the user's
computer.
>>>>>>>>

While I was at it, I ran all the security patches I had missed since my
last upgrade. If you're running IE5.5 SP1 (the latest version), you
still need everything starting with the 11/22/00 patch. There are 6 of
them altogether.

http://www.microsoft.com/windows/ie/download/

-- 
  Dennis