Two serious security holes in two weeks is a very bad thing, especially because the second one sounds a lot like crying wolf. Last week's hole had security experts saying, "This is pretty bad, but it could be worse." From the sound of things, this week's is worse.
A flaw in how Microsoft Outlook and Microsoft Exchange handle enriched text can be used to hack computers simply by sending a malformed e-mail message. Apparently all you need to do is receive one of these messages and you're hacked. The hole hasn't been exploited yet and Microsoft already released a patch, so visit www.windowsupdate.com and install it ASAP.
Lots of people are quite happy with Outlook, but to me it's a bloated, overly complicated and insecure piece of shit. I use Thunderbird. Eudora is also nice, but it won't translate my spam mail into Swedish Chef English like Thunderbird.
2 responses so far ↓
1 Jeffrey
// Jan 15, 2006 at 12:53 am
This is another take on the subject.
http://news.com.com/2061-10789_3-6027130.html
2 Rich Pav
// Jan 15, 2006 at 4:40 am
I heard him say that, and I was surprised that he would make such an accusation. He must have known what the reaction was going to be. It also made me realize I should be careful about what I say. Even on a much smaller scale, I wouldn't want to be the center of a similar contraversy.