Results 1 to 2 of 2
  1. #1
    Platinum Lounger
    Join Date
    Jan 2001
    Roanoke area, Virginia, USA
    Thanked 0 Times in 0 Posts

    Re: OE Vulnerablity rptd by InternetWeek (OE 6.0)

    It's possible DSLReports or internetwk is behind the times - MS releases many security fixes and even subscribers to NTBugtraks and the MS security mailing can't keep up. (I think this was announced in a security bullitin, but i can't recall. You can look them up at the microsoft technet site)

    It makes no sense to announce a vulnerablity to the world before a fix is ready - it's like posting a note in public saying you are going to be away for a few weeks. Anyone, including crimials can see it. So they typically wait to mention it after the fix is ready.

  2. #2
    New Lounger
    Join Date
    Oct 2002
    Thanked 0 Times in 0 Posts

    OE Vulnerablity rptd by InternetWeek (OE 6.0)

    I found this while looking thru articles on DSLReports: Internet Week rpts Outlook Express 5.5 & 6.0 vulnerable to buffer overrun which would allow hacker to gain access to computer and perform ANY function a authorized user could. Does anyone have any more info on this? How would I know if I had been attacked?

    The article also says the SP released Sept. 9 protected against this. Does that mean MS waited more than a month to announce this and fix it?


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts