|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical product liability (was: Virus Update)
Apparently, this is just another example where M$ ignored reports of the security vulnerability for years, and now everyone else has to pay. Lloyd's of London is estimating the cost at $8,000,000,000 and rising. There's a report of another security hole that Netscape fixed years ago, but still exists in Outlook: http://news.cnet.com/news/0-1005-200-1820959.html Are any of our bigger ISPs willing to initiate a class action to recover the costs? Dean Robb wrote: > > At 06:56 PM 5/4/00 -0400, David Charlap wrote: > > > >One of them (I think Outlook) can also auto-launch attachments when the > >message is selected (and displayed in the preview window) and not even > >opened. This is a _BIG_ security hole that Microsoft has not fixed, > >despite other virusses (like Melissa) which have already taken advantage > >of it. > > > > There are instructions for disabling ActiveScripting in Outlook on the MS > website. It's enabled by default. That'll stop the attachements from being > auto-executed. Remember, according to their TV ads, MS exists to help the > consumer! > [email protected] Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
|