Outlook Express flaw endangers non-users too


Outlook Express flaw endangers non-users too

Antony Savvas

A bug in Microsoft’s Outlook Express could let hackers take over a user’s machine, even if they don’t use the e-mail program.

Microsoft has already issued a patch to stop hackers taking advantage of a flaw in the Outlook Express Network News Transfer Protocol (NNTP) newsreader program.

Microsoft said that users who used Outlook Express as a newsgroup reader were mainly at risk, but security software company Symantec said all users with the Windows-bundled e-mail client could be at risk because of the tight integration between Outlook Express and the Internet Explorer browser.

It was originally thought that users could only fall victim to the bug if they had previously visited a rogue newsgroup server. But Symantec said past exploits could also be used to gain control of a user’s machine using NNTP, even when Outlook Express wasn’t being used on the machine.

Windows 2000, XP and Server 2003 are all affected by the threat, although PCs equipped with the Windows XP Service Pack 2 are not.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy