At 10:31 PM 11/6/01 +0530, Ariya wrote the following: >I think OE6 gets over most of the security issues discussed and pointed out. >When it comes to interface design and suitability for handling multiple >accounts, OE6 wins hands down.
OE 6 is as insecure as all the previous versions. MS hasn't gotten in correct in 5 years and 5 versions, why would say that they have it correct now? The list of bugs, patches, fixes, security flaws, etc. with Outlook and Outlook Express has been a virtual flood. September 19, 2001 N*mda Worm Shows You Can't Always Patch Fast Enough http://www4.gartner.com/resources/101000/101034/101034.html "N*mda, Microsoft recommends installing numerous patches and service packs on virtually every PC and server running IE, IIS Web servers or the Outlook Express e-mail client." "... Enterprises using Microsoft's IIS Web server software have to update every IIS server with every Microsoft security patch that comes out � almost weekly" If you happen to be a fan of PBS, especially the Computer Chronicles series by Robert X. Cringely then you might be interested in this statement of August 2, 2001: (http://www.pbs.org/cringely/) "As events of the last several weeks have shown, Microsoft Windows, e-mail and the Internet create the perfect breeding ground for v*rus attacks. They don't even have to exploit Windows flaws to be effective. Any Visual BASIC programmer with a good understanding of how Windows works can write a v*rus. The wonder of all these Internet security problems is that they are continually labeled as "e-mail v*ruses" or "Internet worms," rather than the more correct designation of "Windows v*ruses" or "Microsoft Outlook v*ruses." It is to the credit of the Microsoft public relations team that Redmond has somehow escaped blame, because nearly all the data security problems of recent years have been Windows-specific, taking advantage of the glaring security loopholes that exist in these Microsoft products. If it were not for Microsoft's carefully worded user license agreement, which holds the company blameless for absolutely anything, they would probably have been awash in class action lawsuits by now." Some Older Articles: Carnegie-Mellon University had this to say about version 4 "The current version of Outlook Express does not provide the minimal level of support and security necessary for shared lab use, and therefore cannot be recommended or even supported in public computer labs." http://www.cmu.edu/computing/cyrus/overview-outexpress.html CNET June 28, 2000 http://news.cnet.com/news/0-1005-200-2167152.html "The security holes affect combinations of Microsoft products including its Internet Explorer browser, Outlook productivity software suite, Outlook Express email client, Visual Basic programming language, Access database application, PowerPoint slide presentation software, Excel spreadsheet software, and ActiveX technology for linking desktop applications such as these with the Web. " Lastly, not OE specific but to show that MS still hasn't "gotten it" with security: CNET Browser Wars http://home.cnet.com/software/0-3227883-8-7614087-1.html "You'll have to choose a browser based on what's most important to you. If you want tight security, Java support, and (thanks to version 6.2) support for both Windows XP and Mac OS X, go with Netscape. For a familiar, customizable interface and a simple installation process, go with Internet Explorer." -- Gerry Boyd ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
