Outlook flaw 'a risk to all users'


Outlook flaw 'a risk to all users'

A bug in Microsoft Outlook Express could allow hackers to take control of a machine even when its user does not use the e-mail program.

Microsoft has issued a patch to stop hackers taking advantage of a flaw in the Outlook Express NNTP (Network News Transfer Protocol) newsreader program.

Microsoft said users who use Outlook Express as a newsgroup reader were most at risk. However, security supplier Symantec said all users with the Windows bundled e-mail client could be at risk because of Outlook's tight integration with the Internet Explorer web browser.

It was originally thought that users would first have to visit a rogue newsgroup server to fall victim to the bug. But Symantec said past exploits could also be used to gain control of a user's machine using NNTP, even when Outlook Express is not being used on the machine.

Windows 2000, Windows XP and Windows Server 2003 are affected by this threat, but users with the Windows XP Service Pack 2 are not.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

This was first published in July 2005


COMMENTS powered by Disqus  //  Commenting policy