Outlook Express 5.0 Open to Security Breach -- Microsoft has issued an alert about a security hole in Outlook Express 5.0 for the Macintosh. Essentially, a malicious person could send a specially composed MHTML (MIME HTML) message to an Outlook Express 5.0 user. That message would then automatically download a file to the user's default Download folder without the user's knowledge. (You set the Download folder in the Internet control panel, Internet Config, Internet Explorer, or other Internet Config-savvy application.) If that file were a destructive application, and if you were to launch it, damage could occur. This situation is similar to receiving an application as an email attachment. In this case, though, you won't be able to connect a message to that file; at some point, you'll just find an unidentified application in your Download folder with no indication that it might be dangerous. Although Microsoft is working on a fix, the only solution at the moment is to open only downloaded files whose source you can identify. [ACE]

<http://www.microsoft.com/mac/oe/>

Permanent article URL: http://db.tidbits.com/article/5651
This is a specially formatted version of this TidBITS article that removes colors, and optionally removes images; it's designed to minimize the use of ink and paper.
Unless otherwise noted, this article is copyright © 1999 TidBITS Publishing, Inc.. TidBITS is copyright © 2008 TidBITS Publishing Inc. Reuse governed by this Creative Commons License: http://www.tidbits.com/terms/.