weldL0PHT.COM

• Next message: Frank Monroe: "Re: NTFS Permissions on Documents and Settings not set properly d urin g unattended setup"
• Previous message: Sami Vaarala: "Export version of Windows 2000 IPsec may silently default to DES"
• In reply to: Russ: "FW: Microsoft Security Bulletin (MS00-034)"
• Next in thread: David LeBlanc: "Re: FW: Microsoft Security Bulletin (MS00-034)"
• Reply: Weld Pond: "Re: FW: Microsoft Security Bulletin (MS00-034)"
• Reply: David LeBlanc: "Re: FW: Microsoft Security Bulletin (MS00-034)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

A disappointing part of this security bulletin is where Microsoft
describes the problem: "The vulnerability could allow a malicious web
site operator to take inappropriate action on the computer of a user who
visited his web site."

They neglect to mention the very serious problem of receiving malicious
HTML files via a web enabled mail client such as Outlook. Malicious web
pages are a minor problem. Email viruses and worms are a very serious
problem. They spread exponentially and are harder to track. As long as
IE, Outlook and Windows are so tightly coupled every "malicious web site"
vulnerability is a potential Outlook vulnerability that could be much,
much worse.

-weld

• Next message: Frank Monroe: "Re: NTFS Permissions on Documents and Settings not set properly d urin g unattended setup"
• Previous message: Sami Vaarala: "Export version of Windows 2000 IPsec may silently default to DES"
• In reply to: Russ: "FW: Microsoft Security Bulletin (MS00-034)"
• Next in thread: David LeBlanc: "Re: FW: Microsoft Security Bulletin (MS00-034)"
• Reply: Weld Pond: "Re: FW: Microsoft Security Bulletin (MS00-034)"
• Reply: David LeBlanc: "Re: FW: Microsoft Security Bulletin (MS00-034)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]