HZRN.COM
welcome to my space
X
Search:  
Economics | Home Improvement | Ezines and Newsletters | Crockpot Recipes | Hardware | Cosmetics | Vans | Careers | Related articles
Welcome to:hzrn.com
NAVIGATION: Home >>
New Security Holes in Outlook
Published by: anonym 2008-11-19

Online privacy and security guru Richard Smith, who operates the Computer Bytes Man site, has issued a warning about potential security problems in Microsoft Outlook 2002. One of the most serious involves Windows Media Player (WMP).

CMS security holes expose patient data - FierceHealthIT::
HIPAA Security Provisions. The New Encryption Generation: Closing the Gap The Cardiovascular Disorders Market Outlook to 2012
http://www.fiercehealthit.com/story/cms-security-holes-expose-patient-data/2006-10-09HOME
In an e-mail to SecurityFocus Corp.'s Bugtraq database administrators, Smith said that WMP "reintroduces the ability to automatically execute JavaScript code from an HTML e-mail message in Outlook 2002."

Update: Ten New Security Holes in Windows XP SP2?::
ten new security holes in Windows XP Service Pack 2 have been discovered, so get ready to insert new patches into Outlook. Scripting. Security. Resources
http://windowsitpro.com/article/articleid/44502/update-tenes-in-windows-xp-sp2.htmlHOME
Bugtraq is an interactive list of vulnerabilities developed to help the security community identify and fix them.

Smith is the author of a recent detailed report on what he called "serious privacy problems" with Windows Media Player for Windows XP that lets Microsoft track what DVD movies consumers are watching. Microsoft has said its DVD privacy policy has been amended.

The other Outlook 2002 problems, according to Smith, are that in an HTML e-mail message, JavaScript code can still be executed in spite of the fact that scripting is turned off by default in Outlook. The trick is to embed the JavaScript code in either an "about:" or "javascript:" URL that is used as an HTML tag.

Inside Firefox - The Inside Track on Firefox Development::
Ive set up a new personal email address, and as soon as I can Microsoft Outlook and Outlook Express are the unsung security hole in most peoples systems.
http://weblogs.mozillazine.org/ben/archives/007185.htmlHOME
A third problem is that cookies can be set and read in HTML e-mail messages in spite of the fact that the default security settings in Outlook 2002 claim that cookies are turned off. This is a privacy leak problem and not a security hole, he said. The fourth problem involves gratuitous warnings about links sent in e-mail messages.

Ironically, Microsoft is making security in its products a top priority -- in January, Chairman Bill Gates emphasized that to employees in a memo. Last month the company turned to an outside security expert to help implement that goal.

Smith said in his message that JavaScript is disabled by default in Outlook 2002, because it can facilitate the creation of worms and other malicious code which (can be) carried by HTML e-mail messages. Using a number of simple tricks, "WMP can be used to bypass the Outlook security settings and still automatically execute JavaScript, Java, and ActiveX code in an HTML e-mail message."

"This problem is more of an example of poor security policies in Outlook and WMP and is not really a security hole in the classic sense," he wrote, adding that Outlook Express and earlier versions of Outlook likely have the same security problem even with all security protections set to the maximum. There was no immediate response from Microsoft.


Wily Clinton Worm Wriggles Free
City Tells ORBZ Owner...Oops

#If you have any other info about this subject , Please add it free.#
Your name:
E-mail:
Telphone:

Your comments:


If you have any other info about New Security Holes in Outlook , Please add it free.
 Homepage | Add to favorites | Contact us | Exchange links | LOGIN | Site map | 
Copyright© 2008 hzrn.com        Site made:CFZ