At 10:31 PM 11/6/01 +0530, Ariya wrote the following:

>I think OE6 gets over most of the security issues discussed and pointed
out.
>When it comes to interface design and suitability for handling multiple
>accounts, OE6 wins hands down.

OE 6 is as insecure as all the previous versions. MS hasn't gotten in
correct in 5 years and 5 versions, why would say that they have it correct
now?

The list of bugs, patches, fixes, security flaws, etc. with Outlook and
Outlook Express has been a virtual flood.

September 19, 2001
N*mda Worm Shows You Can't Always Patch Fast Enough
http://www4.gartner.com/resources/101000/101034/101034.html
"N*mda, Microsoft recommends installing numerous patches and service packs
on virtually every PC and server running IE, IIS Web servers or the Outlook
Express e-mail client."
"... Enterprises using Microsoft's IIS Web server software have to update
every IIS server with every Microsoft security patch that comes out �
almost weekly"

If you happen to be a fan of PBS, especially the Computer Chronicles series
by Robert X. Cringely then you might be interested in this statement of
August 2, 2001: (http://www.pbs.org/cringely/)

"As events of the last several weeks have shown, Microsoft Windows, e-mail
and the Internet create the perfect breeding ground for v*rus attacks. They
don't even have to exploit Windows flaws to be effective. Any Visual BASIC
programmer with a good understanding of how Windows works can write a v*rus.

The wonder of all these Internet security problems is that they are
continually labeled as "e-mail v*ruses" or "Internet worms," rather than
the more correct designation of "Windows v*ruses" or "Microsoft Outlook
v*ruses." It is to the credit of the Microsoft public relations team that
Redmond has somehow escaped blame, because nearly all the data security
problems of recent years have been Windows-specific, taking advantage of
the glaring security loopholes that exist in these Microsoft products. If
it were not for Microsoft's carefully worded user license agreement, which
holds the company blameless for absolutely anything, they would probably
have been awash in class action lawsuits by now."

Some Older Articles:

Carnegie-Mellon University had this to say about version 4
"The current version of Outlook Express does not provide the minimal level
of support and security necessary for shared lab use, and therefore cannot
be recommended or even supported in public computer labs."
http://www.cmu.edu/computing/cyrus/overview-outexpress.html

CNET  June 28, 2000
http://news.cnet.com/news/0-1005-200-2167152.html

"The security holes affect combinations of Microsoft products including its
Internet Explorer browser, Outlook productivity software suite, Outlook
Express email client, Visual Basic programming language, Access database
application, PowerPoint slide presentation software, Excel spreadsheet
software, and ActiveX technology for linking desktop applications such as
these with the Web. "

Lastly, not OE specific but to show that MS still hasn't "gotten it" with
security:
CNET Browser Wars
http://home.cnet.com/software/0-3227883-8-7614087-1.html
"You'll have to choose a browser based on what's most important to you. If
you want tight security, Java support, and (thanks to version 6.2) support
for both Windows XP and Mac OS X, go with Netscape. For a familiar,
customizable interface and a simple installation process, go with Internet
Explorer."

--
Gerry Boyd
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/rules.htm
Contact list owner <[EMAIL PROTECTED]>
Unsubscribing and other changes: http://pcworkers.com
=====================================================

Reply via email to