Eudora Pro Security Hole for Windows Only -- After last week's CIAC advisory regarding possible security problems in primarily Windows email clients, a different security issue has been revealed in Windows versions of Eudora Pro. Eudora Pro 4.0, 4.01, and 4.1 betas for Windows can utilize Microsoft's HTML viewer when displaying messages, and that viewer can permit automatic execution of items included in the message, such as Java applets. In theory, other Windows applications that use Microsoft's HTML viewer could also be vulnerable. Qualcomm has released an updater to 4.0.2 that makes Eudora Pro ask for permission before executing programs automatically. As a workaround, disable Microsoft's HTML viewer in the Viewing Mail settings panel of Eudora's Options dialog box. Eudora Light is not vulnerable, and Macintosh versions of Eudora have been safe for years because they encapsulate any attached applications so users must specifically choose to execute them. However, the bottom line remains unchanged: don't launch any attachments unless you're sure they're safe. [GD]
Copy Before Submitting Web Forms
Filling in Web forms (like the one used to submit this tip) can be a bit of a gamble - you put in your pearls of wisdom, perhaps only to lose them all if the Web page flakes out or the browser crashes. Instead of losing all your text, "save" it by pressing Command-A to select all and then Command-C to copy the selected text to the clipboard. Do this periodically as you type and before you click Submit, and you may "save" yourself from a lot of frustration. It takes just a second to do, and the first time you need to rely on it to paste back in lost text, you'll feel smart.
- Security Issue with Email Attachments (03 Aug 98)