Microsoft sent out this security bulletin on the 10th. http://www.microsoft.com/technet/security/bulletin/MS02-058.asp
John John Tolmachoff wrote: > > Has any one seen this and can Declude Virus help protect against this? > > A recently announced flaw in Microsoft's Outlook Express e-mail program > allows a Windows system to be taken over by a specially crafted incoming > message. > Ironically, the flaw that allows the attack is part of Microsoft's > implementation of S/MIME, a standard that is supposed to enhance security by > allowing encryption and digital signing of messages. An attacker can take > over the system by sending a message with an excessively long "digital > signature." When the message arrives, rogue code contained in the signature > can be made to run. > > The flaw, which Microsoft rates as "critical," affects the company's free > Outlook Express, which is bundled with Microsoft Windows and Internet > Explorer. It does not affect Outlook, which is part of the costly Microsoft > Office suite. Unfortunately, Outlook Express is by far the more widely used > of the two > > John Tolmachoff > IT Manager, Network Engineer > RelianceSoft, Inc. > Fullerton, CA 92835 > www.reliancesoft.com > > --- > [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > > --- > This E-mail came from the Declude.Virus mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.Virus". The archives can be found > at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
