Outlook Express 5.0 Open to Security Breach — Microsoft has issued an alert about a security hole in Outlook Express 5.0 for the Macintosh. Essentially, a malicious person could send a specially composed MHTML (MIME HTML) message to an Outlook Express 5.0 user. That message would then automatically download a file to the user’s default Download folder without the user’s knowledge. (You set the Download folder in the Internet control panel, Internet Config, Internet Explorer, or other Internet Config-savvy application.) If that file were a destructive application, and if you were to launch it, damage could occur. This situation is similar to receiving an application as an email attachment. In this case, though, you won’t be able to connect a message to that file; at some point, you’ll just find an unidentified application in your Download folder with no indication that it might be dangerous. Although Microsoft is working on a fix, the only solution at the moment is to open only downloaded files whose source you can identify. [ACE]
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.